Back to cgit PTS page

Accepted cgit 0.10.2.git2.0.1-3+deb8u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted cgit 0.10.2.git2.0.1-3+deb8u1 (source) into proposed-updates->stable-new, proposed-updates
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 08 Apr 2016 09:47:08 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1aoT0O-0004OQ-Se@franck.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 04 Apr 2016 08:41:52 +0200
Source: cgit
Binary: cgit
Architecture: source
Version: 0.10.2.git2.0.1-3+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Alexander Wirt <formorer@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 812411
Description: 
 cgit       - hyperfast web frontend for git repositories written in C
Changes:
 cgit (0.10.2.git2.0.1-3+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2016-1899: Reflected XSS and header injection in mimetype query
     string (Closes: #812411)
   * CVE-2016-1900: Stored cross site scripting and header injection in
     filename parameter (Closes: #812411)
   * CVE-2016-1901: Integer overflow resulting in buffer overflow
     (Closes: #812411)
   * filters: apply HTML escaping.
     Addresses cross-site scripting vulnerability in via the
     txt2html filter.
Checksums-Sha1: 
 742128a3bb0907f167a9b53ad9b649573e61084f 1867 cgit_0.10.2.git2.0.1-3+deb8u1.dsc
 d0fccec308fdaeb9471a9cbebdf8b4f23527fd58 5157263 cgit_0.10.2.git2.0.1.orig.tar.gz
 0dc7bb7a32f21f382eb112739f2bac7177987d6e 11064 cgit_0.10.2.git2.0.1-3+deb8u1.debian.tar.xz
Checksums-Sha256: 
 923e36322a6b87505ec2dd335cf72e0f8399eb98e75923079430d46d237d679d 1867 cgit_0.10.2.git2.0.1-3+deb8u1.dsc
 9e4070ad5a2fda0375b92df4805f861da9022bbd861ee2d402fc8c39e2dbf681 5157263 cgit_0.10.2.git2.0.1.orig.tar.gz
 f1e7cbb1c2808a3c1340bac1da6b5ae3ac6bb55bc53e54c8f43358b5da9cf31a 11064 cgit_0.10.2.git2.0.1-3+deb8u1.debian.tar.xz
Files: 
 cc750bebebc7d79cf768e7a63ecd6117 1867 net extra cgit_0.10.2.git2.0.1-3+deb8u1.dsc
 15c7bc81344eb0e20875d24342f47e0a 5157263 net extra cgit_0.10.2.git2.0.1.orig.tar.gz
 fc01c33627fa1a83ede1634719f1665d 11064 net extra cgit_0.10.2.git2.0.1-3+deb8u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXAhGCAAoJEAVMuPMTQ89EgyAP+gKtET8UQ2lbbAEj3Tff3+wb
w9BHlwpRkw3ru28mCmd0YlJ7vBtuNurWPaRz9Q1Q38G39ilGI+K1dDxVPCXEd8FV
4HfnGd1J2U6MApYBJS1uphCcMUfbSazqhS9CUsGqCrcSjJNwKFosUFShuHRQlLvn
UGnzYBag109XQkFfsPlY4oySt6VkBVtz1KsySthR06Ha+QnpUWCeBYydqpPuk2Bw
vaJVwzfNGF0ZIEsfl+zbQnuGUv9MGz/wF+Iu5glPfc6ABXlr4rqY1SKJWNA8Bdce
nmHZuNYiyV0B7DJzboIo+f8VeCFr0UW0+MyVKqCbXZ3u9RF0dqlN0o5NiYuEM6Fr
CEt6i8j1pNDLNQj8kM7IRB0gxakI3jbDdU4gN//Ul2OEatARcSSqMvmcQqQ8ByTE
06SgQfAnlv5fV8DlapovSkVvXbgq72Tv1oc7r8DwDSIbtLQ1oYutO8S4vmtH5GrY
gWltCFcXJN013WqFrqFb5jPFwFJ8EAJiZEuYs6KBGkiHyXbVPh12aQCF1P994VEi
bnQr11tnJc1n7vYFlcxpZF+B6Pw4dRZcw1XclgcE3pdzqP7EeppE5ebYSoiIma4K
0YMIXW/X339Pxu+1PcddQVPgjbU4asAdynh1mV0adEJPVZT2nWA+Y5utOuxv5DEf
qC1KlCi3lfIwrVxPudWZ
=n+9t
-----END PGP SIGNATURE-----