Hello community, here is the log from the commit of package git for openSUSE:Factory checked in at Tue Aug 9 10:56:12 CEST 2011.
-------- --- git/cgit.changes 2011-06-27 18:22:26.000000000 +0200 +++ /mounts/work_src_done/STABLE/git/cgit.changes 2011-08-05 15:14:39.000000000 +0200 @@ -1,0 +2,6 @@ +Fri Aug 5 15:13:43 CEST 2011 - [email protected] + +- Fix VUL-0: cgit: XSS flaw in rename hint (CVE-2011-2711, + bnc#707929) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- cgit-CVE-2011-2711-fix.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cgit.spec ++++++ --- /var/tmp/diff_new_pack.x1E2Ph/_old 2011-08-09 10:55:40.000000000 +0200 +++ /var/tmp/diff_new_pack.x1E2Ph/_new 2011-08-09 10:55:40.000000000 +0200 @@ -25,13 +25,14 @@ Group: Development/Libraries/C and C++ AutoReqProv: on Version: 0.9 -Release: 7 +Release: 8 Summary: A web frontend for git repositories Source0: %{name}-%{version}.tar.bz2 Source1: git-%{git_version}.tar.bz2 Source2: cgitrc Patch: cgit-optflags.diff Patch1: cgit-git-1.7.5.x-build-fix.diff +Patch2: cgit-CVE-2011-2711-fix.diff # Requirements for cgit BuildRequires: gnu-crypto libopenssl-devel libzip-devel # Requirements for cgitrc man page generation @@ -51,6 +52,7 @@ %setup -q -T -D -a 1 %patch -p1 %patch1 -p1 +%patch2 -p1 rm -rf git mv git-%{git_version} git ++++++ git.spec ++++++ --- /var/tmp/diff_new_pack.x1E2Ph/_old 2011-08-09 10:55:40.000000000 +0200 +++ /var/tmp/diff_new_pack.x1E2Ph/_new 2011-08-09 10:55:40.000000000 +0200 @@ -40,7 +40,7 @@ BuildRequires: python BuildRequires: perl-Error Version: 1.7.6 -Release: 3 +Release: 5 Summary: Fast, scalable, distributed revision control system License: GPLv2+ Group: Development/Tools/Version Control ++++++ cgit-CVE-2011-2711-fix.diff ++++++ >From bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer <[email protected]> Date: Fri, 22 Jul 2011 11:47:19 +0000 Subject: Fix potential XSS vulnerability in rename hint The file name displayed in the rename hint should be escaped to avoid XSS. Note that this vulnerability is only applicable when an attacker has gained push access to the repository. Signed-off-by: Lukas Fleischer <[email protected]> Signed-off-by: Lars Hjemli <[email protected]> --- --- ui-diff.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) --- a/ui-diff.c +++ b/ui-diff.c @@ -97,10 +97,12 @@ htmlf("</td><td class='%s'>", class); cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1, ctx.qry.sha2, info->new_path, 0); - if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) - htmlf(" (%s from %s)", - info->status == DIFF_STATUS_COPIED ? "copied" : "renamed", - info->old_path); + if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) { + htmlf(" (%s from ", + info->status == DIFF_STATUS_COPIED ? "copied" : "renamed"); + html_txt(info->old_path); + html(")"); + } html("</td><td class='right'>"); if (info->binary) { htmlf("bin</td><td class='graph'>%ld -> %ld bytes", ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
