Hello community,
here is the log from the commit of package git for openSUSE:Factory
checked in at Tue Jun 21 09:27:56 CEST 2011.
--------
--- git/git.changes 2011-06-06 16:11:47.000000000 +0200
+++ /mounts/work_src_done/STABLE/git/git.changes 2011-06-17 11:54:35.000000000 +0200
@@ -1,0 +2,5 @@
+Fri Jun 17 11:53:21 CEST 2011 - tiwai@suse.de
+
+- Fix VUL-1: git-web xss (CVE-2011-2186, bnc#698456)
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
New:
----
git-prevent_xss-default.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cgit.spec ++++++
--- /var/tmp/diff_new_pack.sSYK1l/_old 2011-06-21 09:24:17.000000000 +0200
+++ /var/tmp/diff_new_pack.sSYK1l/_new 2011-06-21 09:24:17.000000000 +0200
@@ -25,7 +25,7 @@
Group: Development/Libraries/C and C++
AutoReqProv: on
Version: 0.9
-Release: 3
+Release: 4
Summary: A web frontend for git repositories
Source0: %{name}-%{version}.tar.bz2
Source1: git-%{git_version}.tar.bz2
++++++ git.spec ++++++
--- /var/tmp/diff_new_pack.sSYK1l/_old 2011-06-21 09:24:17.000000000 +0200
+++ /var/tmp/diff_new_pack.sSYK1l/_new 2011-06-21 09:24:17.000000000 +0200
@@ -39,7 +39,7 @@
BuildRequires: python
BuildRequires: perl-Error
Version: 1.7.5.4
-Release: 1
+Release: 3
Summary: Fast, scalable, distributed revision control system
License: GPLv2+
Group: Development/Tools/Version Control
@@ -53,6 +53,8 @@
Patch1: git-nohardlink.diff
Patch2: git-python-install-fix.diff
Patch3: completion-wordbreaks.diff
+# CVE-2011-2186, bnc#698456
+Patch4: git-prevent_xss-default.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: git-core = %{version}
Recommends: git-svn git-cvs git-email gitk git-gui git-web
@@ -262,6 +264,7 @@
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
%build
cat > .make <<'EOF'
++++++ git-prevent_xss-default.diff ++++++
From: Jakub Narebski