------------------------------------------------------------------- Mon Oct 29 11:45:50 CET 2012 - tiwai@suse.de - cgit-CVE-2012-4548-fix.diff: Fix VUL-0: cgit: arbitrary code / command execution via improperly quoted arguments (CVE-2012-4548, bnc#787074) ------------------------------------------------------------------- Wed Oct 10 15:22:03 CEST 2012 - tiwai@suse.de - Fix VUL-0: specially-crafted commits can trigger a heap-based buffer overflow (CVE-2012-4465, bnc#783012) ------------------------------------------------------------------- Mon Feb 13 10:44:54 UTC 2012 - coolo@suse.com - patch license to follow spdx.org standard ------------------------------------------------------------------- Mon Nov 28 14:04:00 CET 2011 - zooey@hirschkaefer.de - Add patch cgit-fix-more-read_tree_recursive-invocations.diff: There are more incorrect invocations of read_tree_recursive(), one example can be seen when visiting one of the 'plain' links in the tree view (contents of the wrong file are shown). This time I did what I should have done last time and checked and adjusted all invocations of read_tree_recursive(). ------------------------------------------------------------------- Tue Nov 22 09:24:35 UTC 2011 - saschpe@suse.de - Add patch cgit-fix-print-tree.diff: The cgit build fix with respect to git-1.7.6 is incomplete: in the file ui-tree.c ls_tree() has been patched to use pathspec when invoking read_tree_recursive(), but cgit_print_tree() has no t been touched. The resulting problem can be seen when browsing the tree of a cgit repository: when you "drill down" into subfolders, parts of the parent folder's contents will appear in the listing. This patch adjusts cgit_print_tree() accordingly, which fixes the problem. ------------------------------------------------------------------- Fri Oct 14 10:13:03 CEST 2011 - tiwai@suse.de - split from OBS git repo to an individual repo (since cgit-0.9 doesn't build with git-1.7.7) - merged fixes in git repo back to cgit repo - updated to git 1.7.6.4 ------------------------------------------------------------------- Wed Aug 3 21:35:48 UTC 2011 - asn@cryptomilk.org - updated to cgit 0.9.0.2 - fixed potential XSS vulnerability in rename hint - fixed a segfault with git 1.7.6 ------------------------------------------------------------------- Mon Jun 27 18:22:11 CEST 2011 - tiwai@suse.de - updated to git 1.7.6: see git changelog for more details ------------------------------------------------------------------- Mon Jun 6 16:03:34 CEST 2011 - tiwai@suse.de - updated to git 1.7.5.4: see git changelog for more details ------------------------------------------------------------------- Mon Jun 6 12:24:02 CEST 2011 - tiwai@suse.de - Fix incompatibilies with git 1.7.5.x to build cgit again ------------------------------------------------------------------- Wed Jun 1 12:41:12 UTC 2011 - mmarek@novell.com - Do not buildrequire git, the package builds it's own git and the buildrequires line only makes backporting harder. ------------------------------------------------------------------- Fri May 27 11:54:43 CEST 2011 - tiwai@suse.de - updated git 1.7.5.3: See git changelog for more details ------------------------------------------------------------------- Mon Mar 28 18:26:17 CEST 2011 - tiwai@suse.de - updated to git 1.7.4.2: documentation updates, small bug fixes; see included Documentation/RelNotes/1.7.4.2.txt - updated to cgit 0.9: major updates; using git-1.7.4.x ------------------------------------------------------------------- Fri Dec 17 17:51:32 CET 2010 - tiwai@suse.de - updated to git 1.7.3.3: In addition to the usual fixes, this release also includes support for the new "add.ignoreErrors" name given to the existing "add.ignore-errors" configuration variable. - updated to git 1.7.3.4: Among many fixes since v1.7.3.3, it contains a fix to a recently discovered XSS vulnerability in Gitweb (CVE 2010-3906) ------------------------------------------------------------------- Thu Sep 30 08:21:27 CEST 2010 - tiwai@suse.de - updated to git 1.7.3: major version update; new options and behavior for git-rebase, git-clean, git-checkout, git-gui. See release note: http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.3.txt - updated to git 1.7.3.1: fix git-stash breakages - Set NO_CROSS_DIRECTORY_HARDLINKS=1 to satisfy BS ------------------------------------------------------------------- Fri Aug 20 17:41:32 CEST 2010 - anschneider@exsuse.de - fixed more segfaults in cgit. ------------------------------------------------------------------- Fri Aug 20 16:29:03 CEST 2010 - anschneider@exsuse.de - fix cgit segfault when using git > 1.7 - update to version 0.8.3.3 - get debuginfo working, don't strip binaries. ------------------------------------------------------------------- Fri Aug 20 10:02:44 CEST 2010 - tiwai@suse.de - updated to git 1.7.2.2 ------------------------------------------------------------------- Thu Jul 29 13:52:36 CEST 2010 - tiwai@suse.de - fix missing link with libpthread ------------------------------------------------------------------- Thu Jul 29 13:43:28 CEST 2010 - tiwai@suse.de - updated to git 1.7.2.1: minor fixes for git-instaweb, git-web, git-config. See release note: http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.1.txt ------------------------------------------------------------------- Thu Jul 22 12:19:02 CEST 2010 - tiwai@suse.de - updated to git 1.7.2: mostly bug fixes and small enhancements; see the release note: http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.txt - gitweb stuff is moved to /usr/share/gitweb ------------------------------------------------------------------- Sun Apr 25 18:29:34 UTC 2010 - poletti.marco@gmail.com - Build against version 1.7.0.3 of git instead of 1.6.4.3. ------------------------------------------------------------------- Fri Feb 5 16:37:58 UTC 2010 - poletti.marco@gmail.com - Initial release, version 0.8.3.1