[ubuntu/bionic-security] cgit 1.1+git2.10.2-3ubuntu0.1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Thu Aug 16 18:25:44 UTC 2018
cgit (1.1+git2.10.2-3ubuntu0.1) bionic-security; urgency=high
* SECURITY UPDATE: Directory traversal vulnerability.
- d/p/clone-fix-directory-traversal.patch:
This fixes a directory traversal vulnerability in CGit
before 1.2.1 when `enable-http-clone=1` is not turned off,
as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
- CVE-2018-14912 (LP: #1787021)
Date: 2018-08-15 23:49:12.707986+00:00
Changed-By: Unit 193 <unit193 at gmail.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/cgit/1.1+git2.10.2-3ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list