Hello community,
here is the log from the commit of package git for openSUSE:11.4
checked in at Tue Jun 21 18:45:48 CEST 2011.
--------
--- old-versions/11.4/all/git/git.changes 2010-12-17 17:53:01.000000000 +0100
+++ 11.4/git/git.changes 2011-06-17 12:09:30.000000000 +0200
@@ -1,0 +2,5 @@
+Fri Jun 17 12:07:08 CEST 2011 - tiwai@suse.de
+
+- Fix VUL-1: git-web xss (CVE-2011-2186, bnc#698456)
+
+-------------------------------------------------------------------
Package does not exist at destination yet. Using Fallback old-versions/11.4/all/git
Destination is old-versions/11.4/UPDATES/all/git
calling whatdependson for 11.4-i586
New:
----
git-prevent_xss-default.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cgit.spec ++++++
--- /var/tmp/diff_new_pack.xa1bRV/_old 2011-06-21 18:45:15.000000000 +0200
+++ /var/tmp/diff_new_pack.xa1bRV/_new 2011-06-21 18:45:15.000000000 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package cgit (Version 0.8.3.3)
+# spec file for package cgit
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -25,7 +25,7 @@
Group: Development/Libraries/C and C++
AutoReqProv: on
Version: 0.8.3.3
-Release: 4
+Release: 5.<RELEASE2>
Summary: A web frontend for git repositories
Source0: %{name}-%{version}.tar.bz2
Source1: git-%{git_version}.tar.bz2
++++++ git.spec ++++++
--- /var/tmp/diff_new_pack.xa1bRV/_old 2011-06-21 18:45:15.000000000 +0200
+++ /var/tmp/diff_new_pack.xa1bRV/_new 2011-06-21 18:45:15.000000000 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package git (Version 1.7.3.4)
+# spec file for package git
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -39,7 +39,7 @@
BuildRequires: python
BuildRequires: perl-Error
Version: 1.7.3.4
-Release: 1
+Release: 4.<RELEASE5>
Summary: Fast, scalable, distributed revision control system
License: GPLv2+
Group: Development/Tools/Version Control
@@ -53,6 +53,8 @@
Patch1: git-nohardlink.diff
Patch2: git-python-install-fix.diff
Patch3: completion-wordbreaks.diff
+# CVE-2011-2186, bnc#698456
+Patch4: git-prevent_xss-default.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: git-core = %{version}
Recommends: git-svn git-cvs git-email gitk git-gui git-web
@@ -262,6 +264,7 @@
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
%build
cat > .make <<'EOF'
++++++ git-prevent_xss-default.diff ++++++
From: Jakub Narebski