Lucene search
SuseOPENSUSE-SU-2018:2313-1HistoryAug 13, 2018 - 6:09 p.m.
Security update for cgit (moderate)
2018-08-1318:09:24
lists.opensuse.org
67
0.963 High
EPSS
Percentile
99.5%
This update for cgit to version 1.2.1 fixes the following issues:
The following security vulnerability was addressed:
- CVE-2018-14912: Fixed a directory traversal vulnerability, when
enable-http-clone=1 is not turned off (boo#1103799)
The following other changes were made:
-
Update to upstream release 1.2.1:
- syntax-highlighting: replace invalid unicode with ‘?’
- ui-repolist: properly sort by age
- ui-patch: fix crash when using path limit
-
Update bundled git to 2.11.1
-
Update to upstream release 1.0:
- Add repo.homepage/gitweb.homepage setting and homepage tab.
- Show reverse paths in title bar so that browser tab shows filename.
- Allow redirects even when caching is turned on.
- More gracefully deal with unparsable commits.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.3 | i586 | cgit | < 1.2.1-13.3.1 | cgit-1.2.1-13.3.1.i586.rpm |
| openSUSE Leap | 42.3 | i586 | cgit-debugsource | < 1.2.1-13.3.1 | cgit-debugsource-1.2.1-13.3.1.i586.rpm |
| openSUSE Leap | 42.3 | x86_64 | cgit-debuginfo | < 1.2.1-13.3.1 | cgit-debuginfo-1.2.1-13.3.1.x86_64.rpm |
| openSUSE Leap | 42.3 | i586 | cgit-debuginfo | < 1.2.1-13.3.1 | cgit-debuginfo-1.2.1-13.3.1.i586.rpm |
| openSUSE Leap | 42.3 | x86_64 | cgit-debugsource | < 1.2.1-13.3.1 | cgit-debugsource-1.2.1-13.3.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | cgit | < 1.2.1-13.3.1 | cgit-1.2.1-13.3.1.x86_64.rpm |
References
Related
packetstorm
packetstorm
cgit cgit_clone_objects() Directory Traversal
2018-08-06 00:00:00
cgit Directory Traversal
2018-08-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for cgit (openSUSE-SU-2018:2313-1)
2018-08-14 00:00:00
openSUSE: Security Advisory for cgit (openSUSE-SU-2018:2308-1)
2018-10-26 00:00:00
Mageia: Security Advisory (MGASA-2018-0351)
2022-01-28 00:00:00
alpinelinux
alpinelinux
CVE-2018-14912
2018-08-03 19:29:00
zdt
zdt
cgit 1.2.1 - Directory Traversal Exploit
2018-08-14 00:00:00
nessus
nessus
Debian DLA-1459-1 : cgit security update
2018-08-07 00:00:00
Debian DSA-4263-1 : cgit - security update
2018-08-06 00:00:00
exploitpack
exploitpack
cgit 1.2.1 - Directory Traversal (Metasploit)
2018-08-14 00:00:00
redhatcve
redhatcve
CVE-2018-14912
2019-10-05 04:55:06
osv
osv
cgit - security update
2018-08-06 00:00:00
cgit - security update
2018-08-04 00:00:00
CVE-2018-14912
2018-08-03 19:29:00
archlinux
archlinux
[ASA-201808-2] cgit: directory traversal
2018-08-03 00:00:00
nvd
nvd
CVE-2018-14912
2018-08-03 19:29:00
debian
debian
[SECURITY] [DLA-1459-1] cgit security update
2018-08-06 07:07:06
[SECURITY] [DSA 4263-1] cgit security update
2018-08-04 12:05:47
[SECURITY] [DSA 4263-1] cgit security update
2018-08-04 12:05:47
debiancve
debiancve
CVE-2018-14912
2018-08-03 19:29:00
nuclei
nuclei
cgit < 1.2.1 - Directory Traversal
2021-12-23 23:58:51
cve
cve
CVE-2018-14912
2018-08-03 19:29:00
suse
suse
Security update for cgit (moderate)
2018-08-13 15:07:39
veracode
veracode
Directory Traversal
2020-09-21 06:28:26
prion
prion
Directory traversal
2018-08-03 19:29:00
ubuntucve
ubuntucve
CVE-2018-14912
2018-08-03 00:00:00
freebsd
freebsd
cgit -- directory traversal vulnerability
2018-08-03 00:00:00
mageia
mageia
Updated cgit packages fix security vulnerability
2018-08-24 02:35:07
cvelist
cvelist
CVE-2018-14912
2018-08-03 19:00:00
exploitdb
exploitdb
cgit 1.2.1 - Directory Traversal (Metasploit)
2018-08-14 00:00:00