Hello community, here is the log from the commit of package patchinfo.3843 for openSUSE:13.1:Update checked in at 2015-06-22 13:21:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.3843 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.3843.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.3843" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3843"> <packager>jengelh</packager> <issue tracker="bnc" id="910756">VUL-0: CVE-2014-9390: git: arbitrary command execution vulnerability on case-insensitive file systems</issue> <issue tracker="cve" id="CVE-2014-9390"></issue> <category>security</category> <rating>moderate</rating> <summary>Security update for cgit</summary> <description>The git web frontend cgit was updated to 0.11.2 to fix security issues and bugs. The following vulnerabilities were fixed: * CVE-2014-9390: arbitrary command execution vulnerability on case-insensitive file systems in git. Malicious commits could affect client users on all platforms using case-insensitive file systems when using vulnerable git versions. In addition cgit was updated to 0.11.2 with minor improvements and bug fixes. The embedded git version was updated to 2.4.3.</description> </patchinfo>
