[Pkg-cgit-devel] Bug#827405: cgit: update to version 1.0 fixes CVE-2016-2315 and CVE-2016-2324

Peter Colberg peter at colberg.org
Thu Jun 16 16:47:41 UTC 2016

Previous message: [Pkg-cgit-devel] cgit_1.0+git2.8.3-1_amd64.changes ACCEPTED into unstable
Next message: [Pkg-cgit-devel] Processed: Re: cgit: update to version 1.0 fixes CVE-2016-2315
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear Debian Security Team,

I believe that cgit versions before 1.0 are affected by both
CVE-2016-2315 and CVE-2016-2324. I did not include the latter
when reporting this bug initially since it was not mentioned
in the release announcement for cgit 1.0.

Regards,
Peter

Previous message: [Pkg-cgit-devel] cgit_1.0+git2.8.3-1_amd64.changes ACCEPTED into unstable
Next message: [Pkg-cgit-devel] Processed: Re: cgit: update to version 1.0 fixes CVE-2016-2315
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Pkg-cgit-devel mailing list