diff --git a/cgit-1.1.tar.xz b/cgit-1.1.tar.xz deleted file mode 100644 index ec94151..0000000 --- a/cgit-1.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0889af29be15fc981481caa09579f982b9740fe9fd2860ab87dff286f4635890 -size 86268 diff --git a/cgit-1.2.1.tar.xz b/cgit-1.2.1.tar.xz new file mode 100644 index 0000000..b89e98e --- /dev/null +++ b/cgit-1.2.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3c547c146340fb16d4134326e7524bfb28ffa681284f1e3914bde1c27a9182bf +size 89648 diff --git a/cgit-built-with-git-v2.11.0.patch b/cgit-built-with-git-v2.11.0.patch deleted file mode 100644 index 01a2309..0000000 --- a/cgit-built-with-git-v2.11.0.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 91153fd02e62f2eaca8e6c140baa4f2abf39c40e Mon Sep 17 00:00:00 2001 -From: Christian Hesse -Date: Wed, 30 Nov 2016 10:43:08 +0100 -Subject: git: update to v2.11.0 - -Update to git version v2.11.0. Function write_archive() -dropped argument (int setup_prefix). ---- - - ui-snapshot.c | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/ui-snapshot.c b/ui-snapshot.c -index 08c6e80..9b8cddd 100644 ---- a/ui-snapshot.c -+++ b/ui-snapshot.c -@@ -37,7 +37,7 @@ static int write_archive_type(const char *format, const char *hex, const char *p - /* argv_array guarantees a trailing NULL entry. */ - memcpy(nargv, argv.argv, sizeof(char *) * (argv.argc + 1)); - -- result = write_archive(argv.argc, nargv, NULL, 1, NULL, 0); -+ result = write_archive(argv.argc, nargv, NULL, NULL, 0); - argv_array_clear(&argv); - free(nargv); - return result; --- -cgit v1.1-3-g9641 diff --git a/cgit.changes b/cgit.changes index c7dd6ee..817f17b 100644 --- a/cgit.changes +++ b/cgit.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Sun Aug 5 16:24:56 UTC 2018 - jengelh@inai.de + +- Update to new upstream release 1.2.1 + * fixes CVE-2018-14912 directory traversal vulnerability + [boo#1103799] + * syntax-highlighting: replace invalid unicode with '?' + * ui-repolist: properly sort by age + * ui-patch: fix crash when using path limit +- Remove cgit-built-with-git-v2.11.0.patch (merged upstream) + ------------------------------------------------------------------- Sat Feb 11 17:56:42 UTC 2017 - jengelh@inai.de diff --git a/cgit.spec b/cgit.spec index 383589a..f01ac7a 100644 --- a/cgit.spec +++ b/cgit.spec @@ -16,9 +16,9 @@ # -%define git_version 2.11.1 +%define git_version 2.18.0 Name: cgit -Version: 1.1 +Version: 1.2.1 Release: 0 Summary: A web frontend for git repositories License: GPL-2.0 @@ -30,8 +30,7 @@ Source2: https://www.kernel.org/pub/software/scm/git/git-%git_version.tar Source3: https://www.kernel.org/pub/software/scm/git/git-%git_version.tar.sign Source4: %name.keyring Source9: cgitrc -Patch0: cgit-optflags.diff -Patch1: cgit-built-with-git-v2.11.0.patch +Patch1: cgit-optflags.diff # Requirements for cgitrc man page generation BuildRequires: asciidoc # Requirements for cgit @@ -42,26 +41,25 @@ BuildRequires: xz BuildRoot: %_tmppath/%name-%version-build %description -This is an attempt to create a fast web interface for the Git SCM, using a -builtin cache to decrease server I/O pressure. +A web interface for the Git SCM, using a built-in cache to decrease server +I/O pressure. %prep %setup -qa2 -%patch0 -p1 -%patch1 -p1 +%patch -P 1 -p1 rm -rf git ln -s git-%git_version git %build +perl -i -pe 's{^#!/usr/bin/env }{#!/usr/bin/}g' filters/email-gravatar.py \ + filters/html-converters/md2html filters/syntax-highlighting.py make V=1 prefix="%_prefix" %{?_smp_mflags} %install -make install install-man DESTDIR=%buildroot prefix="%_prefix" \ +%make_install install-man prefix="%_prefix" \ CGIT_SCRIPT_PATH="/srv/www/htdocs/cgit" - mkdir -p "%buildroot/srv/www/cgi-bin/cgit/" mv %buildroot/srv/www/{htdocs,cgi-bin}/cgit/cgit.cgi - mkdir -p "%buildroot/%_sysconfdir" cp %SOURCE9 "%buildroot/%_sysconfdir/cgitrc" diff --git a/git-2.11.1.tar.sign b/git-2.11.1.tar.sign deleted file mode 100644 index 1229d02..0000000 Binary files a/git-2.11.1.tar.sign and /dev/null differ diff --git a/git-2.11.1.tar.xz b/git-2.11.1.tar.xz deleted file mode 100644 index 6607692..0000000 --- a/git-2.11.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c0a779cae325d48a1d5ba08b6ee1febcc31d0657a6da01fd1dec1c6e10976415 -size 4208132 diff --git a/git-2.18.0.tar.sign b/git-2.18.0.tar.sign new file mode 100644 index 0000000..d51b1f9 Binary files /dev/null and b/git-2.18.0.tar.sign differ diff --git a/git-2.18.0.tar.xz b/git-2.18.0.tar.xz new file mode 100644 index 0000000..cac1dc7 --- /dev/null +++ b/git-2.18.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8b40be383a603147ae29337136c00d1c634bdfdc169a30924a024596a7e30e92 +size 5102264