210 matches found
openSUSE: Security Advisory for cgit (openSUSE-SU-2016:0829-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Security update for cgit (important)
This update for cgit fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code (CVE-2016-2315, CVE-2016-2324, bsc971328)...
Security update for cgit (important)
This update for cgit fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code (CVE-2016-2315, CVE-2016-2324, bsc971328)...
openSUSE Security Update : cgit (openSUSE-2016-356)
This update for cgit fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code (CVE-2016-2315, CVE-2016-2324, bsc971328). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
openSUSE: Security Advisory for cgit (openSUSE-SU-2016:0803-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Security update for cgit (important)
This update for cgit fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code (CVE-2016-2315, CVE-2016-2324, bsc971328)...
Fedora 22 : cgit-0.12-1.fc22 (2016-215b507409)
Update to 0.12. Fixes bug 1298912. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. ...
Fedora 23 : cgit-0.12-1.fc23 (2016-e5a5fb196f)
Update to 0.12. Fixes bug 1298912. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. ...
Mageia: Security Advisory (MGASA-2016-0047)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Updated cgit packages fix security vulnerability
Reflected Cross Site Scripting and Header Injection in Mimetype Query String in cgit before 0.12 (CVE-2016-1899). Stored Cross Site Scripting and Header Injection in Filename Parameter in cgit before 0.12 (CVE-2016-1900). Integer Overflow resulting in Buffer Overflow in cgit before 0.12 (CVE-2016-1901)...
MGASA-2016-0047 Updated cgit packages fix security vulnerability
Reflected Cross Site Scripting and Header Injection in Mimetype Query String in cgit before 0.12 (CVE-2016-1899). Stored Cross Site Scripting and Header Injection in Filename Parameter in cgit before 0.12 (CVE-2016-1900). Integer Overflow resulting in Buffer Overflow in cgit before 0.12 (CVE-2016-1901)...
openSUSE Security Update : cgit (openSUSE-2016-86)
This update to cgit 0.12 fixes the following issues:
- CVE-2016-1899: Reflected Cross Site Scripting and Header Injection in Mimetype Query String
- CVE-2016-1900: Stored Cross Site Scripting and Header Injection in Filename Parameter
- CVE-2016-1901: Integer Overflow resulting in Buffer Overflo...
[SECURITY] Fedora 23 Update: cgit-0.12-1.fc23
Cgit is a fast web interface for git. It uses caching to increase performance...
[SECURITY] Fedora 22 Update: cgit-0.12-1.fc22
Cgit is a fast web interface for git. It uses caching to increase performance...
Fedora Update for cgit FEDORA-2016-215
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
openSUSE Security Update : cgit (openSUSE-2016-69)
This update to cgit 0.12 fixes the following issues:
- CVE-2016-1899: Reflected Cross Site Scripting and Header Injection in Mimetype Query String
- CVE-2016-1900: Stored Cross Site Scripting and Header Injection in Filename Parameter
- CVE-2016-1901: Integer Overflow resulting in Buffer Overflo...
FreeBSD : cgit -- multiple vulnerabilities (62c0dbbd-bfce-11e5-b5fe-002590263bf5)
Jason A. Donenfeld reports: Reflected Cross Site Scripting and Header Injection in Mimetype Query String. Stored Cross Site Scripting and Header Injection in Filename Parameter. Integer Overflow resulting in Buffer Overflow. (C) Tenable Network Security, Inc. The descriptive te...
CGit Integer Overflow Vulnerability
cgit is a web front-end for git repositories written in C. An integer overflow vulnerability exists in the 'authenticate_post' function in cgit versions prior to 0.12. A remote attacker could exploit this vulnerability to cause a denial of service (buffer overflow) via a larger value in the...
CGit CRLF Injection Vulnerability
Cgit is the web front end for git repositories. Versions of CGit prior to 0.12 suffer from a CRLF injection vulnerability that allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting attacks or execute cross-site scripting attacks via a CRLF sequence in the...
CVE-2016-1901
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow...