Hello community, here is the log from the commit of package git for openSUSE:Factory checked in at Tue Aug 9 10:56:12 CEST 2011. -------- --- git/cgit.changes 2011-06-27 18:22:26.000000000 +0200 +++ /mounts/work_src_done/STABLE/git/cgit.changes 2011-08-05 15:14:39.000000000 +0200 @@ -1,0 +2,6 @@ +Fri Aug 5 15:13:43 CEST 2011 - tiwai@suse.de + +- Fix VUL-0: cgit: XSS flaw in rename hint (CVE-2011-2711, + bnc#707929) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- cgit-CVE-2011-2711-fix.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cgit.spec ++++++ --- /var/tmp/diff_new_pack.x1E2Ph/_old 2011-08-09 10:55:40.000000000 +0200 +++ /var/tmp/diff_new_pack.x1E2Ph/_new 2011-08-09 10:55:40.000000000 +0200 @@ -25,13 +25,14 @@ Group: Development/Libraries/C and C++ AutoReqProv: on Version: 0.9 -Release: 7 +Release: 8 Summary: A web frontend for git repositories Source0: %{name}-%{version}.tar.bz2 Source1: git-%{git_version}.tar.bz2 Source2: cgitrc Patch: cgit-optflags.diff Patch1: cgit-git-1.7.5.x-build-fix.diff +Patch2: cgit-CVE-2011-2711-fix.diff # Requirements for cgit BuildRequires: gnu-crypto libopenssl-devel libzip-devel # Requirements for cgitrc man page generation @@ -51,6 +52,7 @@ %setup -q -T -D -a 1 %patch -p1 %patch1 -p1 +%patch2 -p1 rm -rf git mv git-%{git_version} git ++++++ git.spec ++++++ --- /var/tmp/diff_new_pack.x1E2Ph/_old 2011-08-09 10:55:40.000000000 +0200 +++ /var/tmp/diff_new_pack.x1E2Ph/_new 2011-08-09 10:55:40.000000000 +0200 @@ -40,7 +40,7 @@ BuildRequires: python BuildRequires: perl-Error Version: 1.7.6 -Release: 3 +Release: 5 Summary: Fast, scalable, distributed revision control system License: GPLv2+ Group: Development/Tools/Version Control ++++++ cgit-CVE-2011-2711-fix.diff ++++++
From bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer <cgit@cryptocrack.de> Date: Fri, 22 Jul 2011 11:47:19 +0000 Subject: Fix potential XSS vulnerability in rename hint
The file name displayed in the rename hint should be escaped to avoid XSS. Note that this vulnerability is only applicable when an attacker has gained push access to the repository. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com> --- --- ui-diff.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) --- a/ui-diff.c +++ b/ui-diff.c @@ -97,10 +97,12 @@ htmlf("</td><td class='%s'>", class); cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1, ctx.qry.sha2, info->new_path, 0); - if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) - htmlf(" (%s from %s)", - info->status == DIFF_STATUS_COPIED ? "copied" : "renamed", - info->old_path); + if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) { + htmlf(" (%s from ", + info->status == DIFF_STATUS_COPIED ? "copied" : "renamed"); + html_txt(info->old_path); + html(")"); + } html("</td><td class='right'>"); if (info->binary) { htmlf("bin</td><td class='graph'>%ld -> %ld bytes", ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org