-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-15534 2010-09-30 10:02:31 --------------------------------------------------------------------------------
Name : cgit Product : Fedora 13 Version : 0.8.2.1 Release : 4.fc13 URL : http://hjemli.net/git/cgit/ Summary : A fast webinterface for git Description : This is an attempt to create a fast web interface for the git scm, using a builtin cache to decrease server io-pressure. -------------------------------------------------------------------------------- Update Information: This fixes a security issue where a special crafted .git file could cause arbitrary code execution (CVE-2010-2542). -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 27 2010 Todd Zullinger <[email protected]> - 0.8.2.1-4 - Appy upstream git patch for CVE-2010-2542 (#618108) -------------------------------------------------------------------------------- References: [ 1 ] Bug #618108 - CVE-2010-2542 Git: Arbitrary code execution via specially-crafted .git file https://bugzilla.redhat.com/show_bug.cgi?id=618108 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update cgit' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
