drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in cgit
Name: |
Mehrere Probleme in cgit |
|
ID: |
DSA-3545-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian jessie, Debian stretch |
|
Datum: |
Do, 7. April 2016, 21:03 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1900 |
|
Applikationen: |
cgit |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3545-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 07, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : cgit CVE ID : CVE-2016-1899 CVE-2016-1900 CVE-2016-1901 Debian Bug : 812411
Several vulnerabilities were discovered in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of these flaws to perform cross-site scripting, header injection or denial of service attacks.
For the stable distribution (jessie), these problems have been fixed in version 0.10.2.git2.0.1-3+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 0.12.0.git2.7.0-1 or earlier.
For the unstable distribution (sid), these problems have been fixed in version 0.12.0.git2.7.0-1 or earlier.
We recommend that you upgrade your cgit packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJXBpF+AAoJEAVMuPMTQ89EHj8P/RDL/nR9KN49THDLminmCWtI eFAUH1sG8lkQfwN4/kklwmjY5HEHY/1U+VnFY6tXxAzeidiLquZo06aT//rrtJ23 moQtPs+DzQ9etgllIHmNu8QgUplQDAl3IJxzJJTuwMnpJZc2gl242OLEvVfNE9aS azOfZLSNGqmR1+oqWyoyUwbbIn8Zn0kAOyPUhl65GqmwTGrmkyKRJMij+sf1VRQs jc3n7Tx8gAhsw2Ab7z+i2+d5LRzVEMu/ClfZgG75IS8LlSwOsbxM2jkHlylcsOYw mxccx4RbNQl0B7t1VxOClutrKCA8piVCAFCuLmw8XxXPC8KdBJwvKAS+foeRF2qF B6xBGAWhwHr49VrhG3YwAm4NYPjSjroMa+Cr+vFfRsA16txI+KCqjWv0XWXD6r8i U6YoBMxm254A1MIFMb0mJdyFcBvSs25gUwPcpapzwQ8oIm2J/MBX3cGTAQL5d0Vw 1vdVeirsVK0tEFwhWwOz7+4QwQLafWPQ+8kEPKmYZ4MyorK0UfOLZFCROpqmrFJu BjYgNuBYH4pEoNNvxupsAKQ5FBMhm9+2HV+oHD/D2OmdYyoHnqxFucUmRTQxlInG ZFng74svXklyoN/DNkpPrKD3mNYszdpNRmn1ZwtXyQCRv+8IBJ2FO3QdjqhrXWAE eBABs6+5Ilb2s8hxRfTi =nvIl -----END PGP SIGNATURE-----
|
|
|
|