openSUSE: 2018:2308-1: moderate: cgit
Description
This update for cgit fixes the following issues: The following security vulnerability was addressed: - CVE-2018-14912: Fixed a directory traversal vulnerability, when enable-http-clone=1 is not turned off (boo#1103799) The following other changes were made: - Update to upstream release 1.2.1 * syntax-highlighting: replace invalid unicode with '?' * ui-repolist: properly sort by age * ui-patch: fix crash when using path limit
Patch
Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-863=1
Package List
- openSUSE Leap 15.0 (x86_64): cgit-1.2.1-lp150.2.3.1 cgit-debuginfo-1.2.1-lp150.2.3.1 cgit-debugsource-1.2.1-lp150.2.3.1
References
https://www.suse.com/security/cve/CVE-2018-14912.html https://bugzilla.suse.com/1103799--