[cgit] Fix potential XSS vulnerability in rename hint

Todd Zullinger tmz at fedoraproject.org
Fri Jul 22 13:39:36 UTC 2011


commit e92f1273b50942b4c92c7367921f3fe8783ae78d
Author: Todd Zullinger <tmz at pobox.com>
Date:   Fri Jul 22 09:37:19 2011 -0400

    Fix potential XSS vulnerability in rename hint

 cgit.spec |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)
---
diff --git a/cgit.spec b/cgit.spec
index cfba28d..23c0b9d 100644
--- a/cgit.spec
+++ b/cgit.spec
@@ -20,7 +20,7 @@ make V=1 %{?_smp_mflags} \\\
 
 Name:           cgit
 Version:        0.9.0.2
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A fast web interface for git
 
 Group:          Development/Tools
@@ -31,6 +31,9 @@ Source1:        http://www.kernel.org/pub/software/scm/git/git-%{gitver}.tar.bz2
 Source2:        cgitrc
 Source3:        cgit.httpd
 Source4:        README.SELinux
+# http://hjemli.net/pipermail/cgit/2011-July/000276.html
+# http://hjemli.net/git/cgit/commit/?h=stable&id=bebe89d
+Patch0:         0001-Fix-potential-XSS-vulnerability-in-rename-hint.patch
 BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 BuildRequires:  asciidoc
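Review bot: the new Patch0 line names 0001-Fix-potential-XSS-vulnerability-in-rename-hint.patch, but the diffstat for this commit lists only cgit.spec, so the patch file itself is not part of the change shown here. If it is not already tracked in the package repository, %prep will fail when it reaches %patch0; add it in the same commit so the spec and the patch stay in step. The comment above Patch0 also cites the upstream fix by the abbreviated id bebe89d; quoting the full commit hash would keep the reference unambiguous as the upstream history grows.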
@@ -51,6 +54,7 @@ Cgit is a fast web interface for git.  It uses caching to increase performance.
 
 %prep
 %setup -q -a 1
+%patch0 -p1
 
 # setup the git dir
 rm -rf git
@@ -94,6 +98,9 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Fri Jul 22 2011 Todd Zullinger <tmz at pobox.com> - 0.9.0.2-2
+- Fix potential XSS vulnerability in rename hint
+
 * Thu Jul 21 2011 Todd Zullinger <tmz at pobox.com> - 0.9.0.2-1
 - Update to 0.9.0.2
 
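Review bot: the added %changelog entry for 0.9.0.2-2 describes a security fix but carries no reference a reader of the installed package could follow. The upstream links exist only as comments next to Patch0 in the spec, which `rpm -q --changelog` does not show. Consider appending the upstream commit id (bebe89d on the stable branch) or a tracking bug number to the "- Fix potential XSS vulnerability in rename hint" line so administrators can confirm which fix this release contains.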

