-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 27 Jan 2016 20:54:12 +0100 Source: cgit Binary: cgit Architecture: source Version: 0.11.2.git2.3.2-1.1 Distribution: unstable Urgency: medium Maintainer: Alexander Wirt <formorer@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 812411 Description: cgit - hyperfast web frontend for git repositories written in C Changes: cgit (0.11.2.git2.3.2-1.1) unstable; urgency=medium . * Non-maintainer upload. * CVE-2016-1899: Reflected XSS and header injection in mimetype query string (Closes: #812411) * CVE-2016-1900: Stored cross site scripting and header injection in filename parameter (Closes: #812411) * CVE-2016-1901: Integer overflow resulting in buffer overflow (Closes: #812411) Checksums-Sha1: f5d9cd6be972bf1a5c56b866fc8e59f20a322e56 1847 cgit_0.11.2.git2.3.2-1.1.dsc f9733e84899aadfcfb941231304afe6fc1d37edf 11600 cgit_0.11.2.git2.3.2-1.1.debian.tar.xz Checksums-Sha256: ad502bb1d3afe57d7553ef4c8c46ec317a0f5f8d032ba278bfc210bbf5addfb0 1847 cgit_0.11.2.git2.3.2-1.1.dsc ec17cde4d4bf039c93f1f68d2c42305c24d3dc2afd0c195743fab8114aa49e7f 11600 cgit_0.11.2.git2.3.2-1.1.debian.tar.xz Files: 4c998878c49118401bcddc4e408b56c8 1847 net extra cgit_0.11.2.git2.3.2-1.1.dsc e4997c40d3834bc680df8c408a9b69a5 11600 net extra cgit_0.11.2.git2.3.2-1.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWtt2fAAoJEAVMuPMTQ89EqG0P/2ZlyMK7cZVwL3qMDcnfIlOi jlDiiWd7cP3yPAVWdGZgqjr60wD4S4f6BBnxommRxXAowrI+XBR4UidvnDIx9ODm rud9dGBpGZHU3iz/xFaCc4MY4TDEJfCEn4WF11L16Hi0qHE4atic4fRdZrWxuWic Q9cvh6TRz3zwFrdsD3gfAu0ncQiXT1BRE+tm/QPFH3HY+dpOCsWLRVewk7a3fiCJ /kRkO0eeYul9Xjy2w3Ek/zmf/V+5PfVVdwcrcG0lQvklu23HzmD4BdIBmkVYHCNd cg++SZJEZrrDofv914QnbxZLl5NiF2Hh3Z/3WEXztW/uhYhAt/LgW/E6ydiLd2qz fPkRpItYEV+MxKGtkFEcQ8q4aJ6yLUDJ64unCSvy/4EVjgDarHmd7uJlXR4arxqA gOLQvrrhPgivk+lAbOF88nNE1UdETVKaQ9GIkPJimZd1j3pZBoJND1DVkj0zeA70 19pRL3sk7QAD0nyiwfC+zAMqSb0SxaBCKvOwLTKniHdF1lQVAQtv1PWPcT6Wx0MM Pn4MdxXY0xN96+J+7PzJVX/+dFUzhkZXLVydvS3wEgeDn72gfPL+t4CZKSz/2lbD MttYd75XrYNk2ND5vJx1F0UCxgevLerZdpgSFGCxqf/h67HSnNIJOKMVkQO53LMU 5VI/ku69NMthNzOh3cZE =H+qW -----END PGP SIGNATURE-----