openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

File cgit.changes of Package cgit

-------------------------------------------------------------------
Tue Mar 17 08:30:09 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>

- Update to new upstream release 1.2.3
  * Offer lzip and zstd as compression methods through the webui.
  * ui-tree: allow per repository override for enable-blame.
- Bump git to latest upstream release 2.25.1

-------------------------------------------------------------------
Mon May 20 13:15:12 UTC 2019 - Christophe Giboudeaux <christophe@krop.fr>

- Add the missing zlib requirement.

-------------------------------------------------------------------
Thu Dec  6 09:21:03 UTC 2018 - Jan Engelhardt <jengelh@inai.de>

- Create a /var/cache/cgit [boo#1116567]
- Update bundled git to 2.18.1
- Remove cgit-optflags.diff

-------------------------------------------------------------------
Sun Aug  5 16:24:56 UTC 2018 - jengelh@inai.de

- Update to new upstream release 1.2.1
  * fixes CVE-2018-14912 directory traversal vulnerability
    [boo#1103799]
  * syntax-highlighting: replace invalid unicode with '?'
  * ui-repolist: properly sort by age
  * ui-patch: fix crash when using path limit
- Remove cgit-built-with-git-v2.11.0.patch (merged upstream)

-------------------------------------------------------------------
Sat Feb 11 17:56:42 UTC 2017 - jengelh@inai.de

- Update bundled git to 2.11.1

-------------------------------------------------------------------
Thu Jan 19 15:20:32 UTC 2017 - vsvecova@suse.com

- Version bump to v1.1:
  * For more information see complete changelog at
    https://git.zx2c4.com/cgit/log/
- Add cgit-built-with-git-v2.11.0.patch

-------------------------------------------------------------------
Thu Jan  5 16:20:44 UTC 2017 - vcizek@suse.com

- remove redundant gnu-crypto BuildRequires

-------------------------------------------------------------------
Mon Jun 13 22:29:05 UTC 2016 - astieger@suse.com

- cgit 1.0:
  * Add repo.homepage/gitweb.homepage setting and homepage tab.
  * Considerable internal cleanups.
  * Show reverse paths in title bar so that browser tab shows
    filename.
  * Add syntax highlighting to md2html.
  * Allow redirects even when caching is turned on.
  * Fix empty PATH_INFO on redirect.
  * Better HTML5 compliance.
  * Simplified decorations.
  * Show repo's root directory in plain view.
  * Date printing and timezone normalization.
  * Unicode issues in syntax highlighting.
  * Account for caches with empty key.
  * Use size_t for all lengths.
  * More gracefully deal with unparsable commits.
- with git 2.8.3
- the following patches are now included upstream git 2.8.3:
  0012-http-push-stop-using-name_path.patch
  0013-show_object_with_name-simplify-by-using-path_name.patch
  0014-list-objects-convert-name_path-to-a-strbuf.patch
  0015-list-objects-drop-name_path-entirely.patch
  0016-list-objects-pass-full-pathname-to-callbacks.patch

-------------------------------------------------------------------
Wed Mar 16 16:12:46 CET 2016 - tiwai@suse.de

- Fix remote code execution via buffer overflow (CVE-2016-2315,
  CVE-2016-2324, bsc#971328):
  0012-http-push-stop-using-name_path.patch
  0013-show_object_with_name-simplify-by-using-path_name.patch
  0014-list-objects-convert-name_path-to-a-strbuf.patch
  0015-list-objects-drop-name_path-entirely.patch
  0016-list-objects-pass-full-pathname-to-callbacks.patch

-------------------------------------------------------------------
Thu Jan 14 15:25:28 UTC 2016 - jengelh@inai.de

- Update to new upstream release 0.12
* Show remote refs in branch switcher combobox.
* Add sample post-receive hook in /contrib.
* Add HTML escaping to filters.
* Add "enable-follow-links" option to have the log UI
  behave the same way as "git log --follow", as well
  as updating the diffand commit UIs.
* Errors are now cached under the dynamic-ttl setting.
* Simplified filters and converters.
* Add "enable-html-serving" to turn on serving of HTML mimetypes
  from the /plain handler, to prevent against stored XSS.
* /blob no longer takes a mimetype query string parameter.
- Resolve: Reflected Cross Site Scripting & Header Injection in
  Mimetype Query String; Stored Cross Site Scripting & Header
  Injection in Filename Parameter; Stored Cross Site Scripting in
  Git Repo Files; Integer Overflow resulting in Buffer Overflow
  [boo#961916 CVE-2016-1899 CVE-2016-1900 CVE-2016-1901]
- Update bundled git tarball to 2.7.0 (build-time requirement)

-------------------------------------------------------------------
Tue Oct  6 09:59:22 UTC 2015 - jengelh@inai.de

- Update bundled git tarball to 2.6.1 [bnc#948969]

-------------------------------------------------------------------
Thu Sep 24 14:47:29 UTC 2015 - jengelh@inai.de

- Update bundled git tarball to 2.5.3

-------------------------------------------------------------------
Tue Jun  9 16:30:13 UTC 2015 - jengelh@inai.de

- Update bundled git tarball to 2.4.3

-------------------------------------------------------------------
Mon May  4 08:56:39 UTC 2015 - jengelh@inai.de

- Update to new upstream release 0.11.2
* addition of a Lua scripting engine
* fine-grained authentication support through the new Lua
  scripting system
* support for the "rawdiff" command was added
* sendfile() is now used when available (Linux systems) instead
  of a loop of read() and write(). This should significantly
  increase performance for high volume sites which make heavy use
  of the caching feature, as it saves copies to and from
  user-space.
* Caching granularity is now improved with the introduction of
  the cache-snapshot-ttl option, which allows configuration of
  the ttl for tarball and zip snapshots of repositories.
* When filtering in the index, make the sorting links point to
  the same filtered page of results
* Take into account leading slashes when comptuing links
- Avoid double %setup (messes with quilt). Simplify filelist.
  %doc for man is implicit.
- Drop cgit-git-1.7.6_build_fix.patch,
  cgit-fix-print-tree.diff,
  cgit-fix-more-read_tree_recursive-invocations.diff,
  cgit-CVE-2013-2117-disallow-directory-traversal.patch
- Add signature for the git core tarball.

-------------------------------------------------------------------
Mon Nov 24 13:10:34 UTC 2014 - guillaume@opensuse.org

- Fix css and logo path in cgitrc file (replace /git by /cgit)

-------------------------------------------------------------------
Mon Oct  6 21:16:48 UTC 2014 - jengelh@inai.de

- Remove ancient specfile tags/sections
- Enable parallel build

-------------------------------------------------------------------
Fri Jul  5 17:05:04 CEST 2013 - tiwai@suse.de

- Fix VUL-0: cgit: remote file disclosure flaw (CVE-2013-2117,
  bnc#822166)

-------------------------------------------------------------------
Tue Nov 20 13:51:05 UTC 2012 - vjt@openssl.it

- BuildRequire xz

-------------------------------------------------------------------
Tue Nov 20 12:04:15 CET 2012 - tiwai@suse.de

- updated to cgit-0.9.1:
  Enhancements:
  - path-selected submodule links
  - intelligent default branch guessing
  - /etc/mime.types lookup
  - gitweb.* and cgit.* git-config support
  - case insensitive sorting and age sorting
  - commit, repository, and section sorting
  - bold currently viewed page in pagination
  - support BSDs in makefile
  Security:
  - CVE-2012-4465: heap-buffer overflow in parsing.c
  - CVE-2012-4548: syntax highlighting command injection
  Bug Fixes:
  - transition maintainer to Jason Donenfeld (zx2c4)
  - download git snapshot from github instead of Lars' old server
  - css fixes
  - stablization of tests
  - more compatible default highlight script
  - suppress gzip timestamp so that tarballs only use tar timestamps
  - treat ctags as target in makefile
  - do not let global variables override certain local repo settings
  - print ampersand as proper html entity
  - use placeholder for empty commit subject
  - format diff view for addition and removal of files
  - point links at correct blob from ssdiff
- drop obsoleted patches
  cgit-CVE-2011-2711-fix.diff
  cgit-CVE-2012-4465-fix.diff
  cgit-CVE-2012-4548-fix.diff

-------------------------------------------------------------------
Mon Oct 29 11:45:50 CET 2012 - tiwai@suse.de

- cgit-CVE-2012-4548-fix.diff:
  Fix VUL-0: cgit: arbitrary code / command execution via
  improperly quoted arguments (CVE-2012-4548, bnc#787074)

-------------------------------------------------------------------
Wed Oct 10 15:22:03 CEST 2012 - tiwai@suse.de

- Fix VUL-0: specially-crafted commits can trigger a heap-based
  buffer overflow (CVE-2012-4465, bnc#783012)

-------------------------------------------------------------------
Mon Feb 13 10:44:54 UTC 2012 - coolo@suse.com

- patch license to follow spdx.org standard

-------------------------------------------------------------------
Mon Nov 28 14:04:00 CET 2011 - zooey@hirschkaefer.de

- Add patch cgit-fix-more-read_tree_recursive-invocations.diff:

There are more incorrect invocations of read_tree_recursive(),
    one example can be seen when visiting one of the 'plain' links
    in the tree view (contents of the wrong file are shown).

This time I did what I should have done last time and checked
    and adjusted all invocations of read_tree_recursive().

-------------------------------------------------------------------
Tue Nov 22 09:24:35 UTC 2011 - saschpe@suse.de

- Add patch cgit-fix-print-tree.diff:
    The cgit build fix with respect to git-1.7.6 is incomplete: in
    the file ui-tree.c ls_tree() has been patched to use pathspec
    when invoking read_tree_recursive(), but cgit_print_tree() has
    no t been touched.

The resulting problem can be seen when browsing the tree of a cgit
    repository: when you "drill down" into subfolders, parts of the
    parent folder's contents will appear in the listing.

This patch adjusts cgit_print_tree() accordingly, which fixes the problem.

-------------------------------------------------------------------
Fri Oct 14 10:13:03 CEST 2011 - tiwai@suse.de

- split from OBS git repo to an individual repo (since cgit-0.9
  doesn't build with git-1.7.7)
- merged fixes in git repo back to cgit repo
- updated to git 1.7.6.4

-------------------------------------------------------------------
Wed Aug  3 21:35:48 UTC 2011 - asn@cryptomilk.org

- updated to cgit 0.9.0.2
- fixed potential XSS vulnerability in rename hint
- fixed a segfault with git 1.7.6

-------------------------------------------------------------------
Mon Jun 27 18:22:11 CEST 2011 - tiwai@suse.de

- updated to git 1.7.6: see git changelog for more details

-------------------------------------------------------------------
Mon Jun  6 16:03:34 CEST 2011 - tiwai@suse.de

- updated to git 1.7.5.4: see git changelog for more details

-------------------------------------------------------------------
Mon Jun  6 12:24:02 CEST 2011 - tiwai@suse.de

- Fix incompatibilies with git 1.7.5.x to build cgit again

-------------------------------------------------------------------
Wed Jun  1 12:41:12 UTC 2011 - mmarek@novell.com

- Do not buildrequire git, the package builds it's own git and the
  buildrequires line only makes backporting harder.

-------------------------------------------------------------------
Fri May 27 11:54:43 CEST 2011 - tiwai@suse.de

- updated git 1.7.5.3:
  See git changelog for more details

-------------------------------------------------------------------
Mon Mar 28 18:26:17 CEST 2011 - tiwai@suse.de

- updated to git 1.7.4.2:
  documentation updates, small bug fixes;
  see included Documentation/RelNotes/1.7.4.2.txt
- updated to cgit 0.9:
  major updates; using git-1.7.4.x

-------------------------------------------------------------------
Fri Dec 17 17:51:32 CET 2010 - tiwai@suse.de

- updated to git 1.7.3.3:
  In addition to the usual fixes, this release also includes
  support for the new "add.ignoreErrors" name given to the
  existing "add.ignore-errors" configuration variable.
- updated to git 1.7.3.4:
  Among many fixes since v1.7.3.3, it contains a fix to a recently
  discovered XSS vulnerability in Gitweb (CVE 2010-3906)

-------------------------------------------------------------------
Thu Sep 30 08:21:27 CEST 2010 - tiwai@suse.de

- updated to git 1.7.3:
  major version update; new options and behavior for git-rebase,
  git-clean, git-checkout, git-gui.
  See release note:
  http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.3.txt
- updated to git 1.7.3.1:
  fix git-stash breakages
- Set NO_CROSS_DIRECTORY_HARDLINKS=1 to satisfy BS

-------------------------------------------------------------------
Fri Aug 20 17:41:32 CEST 2010 - anschneider@exsuse.de

- fixed more segfaults in cgit.

-------------------------------------------------------------------
Fri Aug 20 16:29:03 CEST 2010 - anschneider@exsuse.de

- fix cgit segfault when using git > 1.7
- update to version 0.8.3.3
- get debuginfo working, don't strip binaries.

-------------------------------------------------------------------
Fri Aug 20 10:02:44 CEST 2010 - tiwai@suse.de

- updated to git 1.7.2.2

-------------------------------------------------------------------
Thu Jul 29 13:52:36 CEST 2010 - tiwai@suse.de

- fix missing link with libpthread

-------------------------------------------------------------------
Thu Jul 29 13:43:28 CEST 2010 - tiwai@suse.de

- updated to git 1.7.2.1: minor fixes for git-instaweb, git-web,
  git-config.  See release note:
  http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.1.txt

-------------------------------------------------------------------
Thu Jul 22 12:19:02 CEST 2010 - tiwai@suse.de

- updated to git 1.7.2: mostly bug fixes and small enhancements;
  see the release note:
  http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.txt
- gitweb stuff is moved to /usr/share/gitweb

-------------------------------------------------------------------
Sun Apr 25 18:29:34 UTC 2010 - poletti.marco@gmail.com

- Build against version 1.7.0.3 of git instead of 1.6.4.3.

-------------------------------------------------------------------
Fri Feb  5 16:37:58 UTC 2010 - poletti.marco@gmail.com

- Initial release, version 0.8.3.1

Places

File cgit.changes of Package cgit

Places