-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-2803 2011-03-07 20:38:05 --------------------------------------------------------------------------------
Name : cgit Product : Fedora 14 Version : 0.9 Release : 1.fc14 URL : http://hjemli.net/git/cgit/ Summary : A fast web interface for git Description : Cgit is a fast web interface for git. It uses caching to increase performance. -------------------------------------------------------------------------------- Update Information: In addition to closing a DOS vulnerability (thanks to Jim Meyering), this upstream feature release adds the following enhancements: * Support for side-by-side diffs * Support for repo content in "about" view * Improved integration with gitolite/gitweb * Support for git notes in commit/log view * Support for graph in log view (similar to 'git log --graph') * Improved handling/display of path filters * Clients can modify diff view parameters * Support for directory listings in plain view * Support for remote branches * Support for range searches in log view (like 'git log master ^stable) * Support for expansion of environment vars in certain cgitrc options, which can simplify virtual hosting The release announcement has a more complete changelog: http://article.gmane.org/gmane.comp.version-control.git/168496 -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 6 2011 Todd Zullinger <[email protected]> - 0.9-1 - Update to 0.9 - Fixes: CVE-2011-1027 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1027 - Generate and install man page and html docs - Use libcurl-devel on RHEL >= 6 - Include example filter scripts - Update example cgitrc * Tue Feb 8 2011 Fedora Release Engineering <[email protected]> - 0.8.2.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #680905 - CVE-2011-1027 cgit: invalid hex escape (e.g., %GG) in query triggers infinite loop https://bugzilla.redhat.com/show_bug.cgi?id=680905 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update cgit' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
