From e92f1273b50942b4c92c7367921f3fe8783ae78d Mon Sep 17 00:00:00 2001 From: Todd Zullinger Date: Fri, 22 Jul 2011 09:37:19 -0400 Subject: Fix potential XSS vulnerability in rename hint --- cgit.spec | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/cgit.spec b/cgit.spec index cfba28d..23c0b9d 100644 --- a/cgit.spec +++ b/cgit.spec @@ -20,7 +20,7 @@ make V=1 %{?_smp_mflags} \\\ Name: cgit Version: 0.9.0.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A fast web interface for git Group: Development/Tools @@ -31,6 +31,9 @@ Source1: http://www.kernel.org/pub/software/scm/git/git-%{gitver}.tar.bz2 Source2: cgitrc Source3: cgit.httpd Source4: README.SELinux +# http://hjemli.net/pipermail/cgit/2011-July/000276.html +# http://hjemli.net/git/cgit/commit/?h=stable&id=bebe89d +Patch0: 0001-Fix-potential-XSS-vulnerability-in-rename-hint.patch BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRequires: asciidoc @@ -51,6 +54,7 @@ Cgit is a fast web interface for git. It uses caching to increase performance. %prep %setup -q -a 1 +%patch0 -p1 # setup the git dir rm -rf git @@ -94,6 +98,9 @@ rm -rf %{buildroot} %changelog +* Fri Jul 22 2011 Todd Zullinger - 0.9.0.2-2 +- Fix potential XSS vulnerability in rename hint + * Thu Jul 21 2011 Todd Zullinger - 0.9.0.2-1 - Update to 0.9.0.2 -- cgit