Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Update
cgit
cgit.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cgit.changes of Package cgit
------------------------------------------------------------------- Mon May 20 13:15:12 UTC 2019 - Christophe Giboudeaux <christophe@krop.fr> - Add the missing zlib requirement. ------------------------------------------------------------------- Thu Dec 6 09:21:03 UTC 2018 - Jan Engelhardt <jengelh@inai.de> - Create a /var/cache/cgit [boo#1116567] - Update bundled git to 2.18.1 - Remove cgit-optflags.diff ------------------------------------------------------------------- Sun Aug 5 16:24:56 UTC 2018 - jengelh@inai.de - Update to new upstream release 1.2.1 * fixes CVE-2018-14912 directory traversal vulnerability [boo#1103799] * syntax-highlighting: replace invalid unicode with '?' * ui-repolist: properly sort by age * ui-patch: fix crash when using path limit - Remove cgit-built-with-git-v2.11.0.patch (merged upstream) ------------------------------------------------------------------- Sat Feb 11 17:56:42 UTC 2017 - jengelh@inai.de - Update bundled git to 2.11.1 ------------------------------------------------------------------- Thu Jan 19 15:20:32 UTC 2017 - vsvecova@suse.com - Version bump to v1.1: * For more information see complete changelog at https://git.zx2c4.com/cgit/log/ - Add cgit-built-with-git-v2.11.0.patch ------------------------------------------------------------------- Thu Jan 5 16:20:44 UTC 2017 - vcizek@suse.com - remove redundant gnu-crypto BuildRequires ------------------------------------------------------------------- Mon Jun 13 22:29:05 UTC 2016 - astieger@suse.com - cgit 1.0: * Add repo.homepage/gitweb.homepage setting and homepage tab. * Considerable internal cleanups. * Show reverse paths in title bar so that browser tab shows filename. * Add syntax highlighting to md2html. * Allow redirects even when caching is turned on. * Fix empty PATH_INFO on redirect. * Better HTML5 compliance. * Simplified decorations. * Show repo's root directory in plain view. * Date printing and timezone normalization. * Unicode issues in syntax highlighting. * Account for caches with empty key. * Use size_t for all lengths. * More gracefully deal with unparsable commits. - with git 2.8.3 - the following patches are now included upstream git 2.8.3: 0012-http-push-stop-using-name_path.patch 0013-show_object_with_name-simplify-by-using-path_name.patch 0014-list-objects-convert-name_path-to-a-strbuf.patch 0015-list-objects-drop-name_path-entirely.patch 0016-list-objects-pass-full-pathname-to-callbacks.patch ------------------------------------------------------------------- Wed Mar 16 16:12:46 CET 2016 - tiwai@suse.de - Fix remote code execution via buffer overflow (CVE-2016-2315, CVE-2016-2324, bsc#971328): 0012-http-push-stop-using-name_path.patch 0013-show_object_with_name-simplify-by-using-path_name.patch 0014-list-objects-convert-name_path-to-a-strbuf.patch 0015-list-objects-drop-name_path-entirely.patch 0016-list-objects-pass-full-pathname-to-callbacks.patch ------------------------------------------------------------------- Thu Jan 14 15:25:28 UTC 2016 - jengelh@inai.de - Update to new upstream release 0.12 * Show remote refs in branch switcher combobox. * Add sample post-receive hook in /contrib. * Add HTML escaping to filters. * Add "enable-follow-links" option to have the log UI behave the same way as "git log --follow", as well as updating the diffand commit UIs. * Errors are now cached under the dynamic-ttl setting. * Simplified filters and converters. * Add "enable-html-serving" to turn on serving of HTML mimetypes from the /plain handler, to prevent against stored XSS. * /blob no longer takes a mimetype query string parameter. - Resolve: Reflected Cross Site Scripting & Header Injection in Mimetype Query String; Stored Cross Site Scripting & Header Injection in Filename Parameter; Stored Cross Site Scripting in Git Repo Files; Integer Overflow resulting in Buffer Overflow [boo#961916 CVE-2016-1899 CVE-2016-1900 CVE-2016-1901] - Update bundled git tarball to 2.7.0 (build-time requirement) ------------------------------------------------------------------- Tue Oct 6 09:59:22 UTC 2015 - jengelh@inai.de - Update bundled git tarball to 2.6.1 [bnc#948969] ------------------------------------------------------------------- Thu Sep 24 14:47:29 UTC 2015 - jengelh@inai.de - Update bundled git tarball to 2.5.3 ------------------------------------------------------------------- Tue Jun 9 16:30:13 UTC 2015 - jengelh@inai.de - Update bundled git tarball to 2.4.3 ------------------------------------------------------------------- Mon May 4 08:56:39 UTC 2015 - jengelh@inai.de - Update to new upstream release 0.11.2 * addition of a Lua scripting engine * fine-grained authentication support through the new Lua scripting system * support for the "rawdiff" command was added * sendfile() is now used when available (Linux systems) instead of a loop of read() and write(). This should significantly increase performance for high volume sites which make heavy use of the caching feature, as it saves copies to and from user-space. * Caching granularity is now improved with the introduction of the cache-snapshot-ttl option, which allows configuration of the ttl for tarball and zip snapshots of repositories. * When filtering in the index, make the sorting links point to the same filtered page of results * Take into account leading slashes when comptuing links - Avoid double %setup (messes with quilt). Simplify filelist. %doc for man is implicit. - Drop cgit-git-1.7.6_build_fix.patch, cgit-fix-print-tree.diff, cgit-fix-more-read_tree_recursive-invocations.diff, cgit-CVE-2013-2117-disallow-directory-traversal.patch - Add signature for the git core tarball. ------------------------------------------------------------------- Mon Nov 24 13:10:34 UTC 2014 - guillaume@opensuse.org - Fix css and logo path in cgitrc file (replace /git by /cgit) ------------------------------------------------------------------- Mon Oct 6 21:16:48 UTC 2014 - jengelh@inai.de - Remove ancient specfile tags/sections - Enable parallel build ------------------------------------------------------------------- Fri Jul 5 17:05:04 CEST 2013 - tiwai@suse.de - Fix VUL-0: cgit: remote file disclosure flaw (CVE-2013-2117, bnc#822166) ------------------------------------------------------------------- Tue Nov 20 13:51:05 UTC 2012 - vjt@openssl.it - BuildRequire xz ------------------------------------------------------------------- Tue Nov 20 12:04:15 CET 2012 - tiwai@suse.de - updated to cgit-0.9.1: Enhancements: - path-selected submodule links - intelligent default branch guessing - /etc/mime.types lookup - gitweb.* and cgit.* git-config support - case insensitive sorting and age sorting - commit, repository, and section sorting - bold currently viewed page in pagination - support BSDs in makefile Security: - CVE-2012-4465: heap-buffer overflow in parsing.c - CVE-2012-4548: syntax highlighting command injection Bug Fixes: - transition maintainer to Jason Donenfeld (zx2c4) - download git snapshot from github instead of Lars' old server - css fixes - stablization of tests - more compatible default highlight script - suppress gzip timestamp so that tarballs only use tar timestamps - treat ctags as target in makefile - do not let global variables override certain local repo settings - print ampersand as proper html entity - use placeholder for empty commit subject - format diff view for addition and removal of files - point links at correct blob from ssdiff - drop obsoleted patches cgit-CVE-2011-2711-fix.diff cgit-CVE-2012-4465-fix.diff cgit-CVE-2012-4548-fix.diff ------------------------------------------------------------------- Mon Oct 29 11:45:50 CET 2012 - tiwai@suse.de - cgit-CVE-2012-4548-fix.diff: Fix VUL-0: cgit: arbitrary code / command execution via improperly quoted arguments (CVE-2012-4548, bnc#787074) ------------------------------------------------------------------- Wed Oct 10 15:22:03 CEST 2012 - tiwai@suse.de - Fix VUL-0: specially-crafted commits can trigger a heap-based buffer overflow (CVE-2012-4465, bnc#783012) ------------------------------------------------------------------- Mon Feb 13 10:44:54 UTC 2012 - coolo@suse.com - patch license to follow spdx.org standard ------------------------------------------------------------------- Mon Nov 28 14:04:00 CET 2011 - zooey@hirschkaefer.de - Add patch cgit-fix-more-read_tree_recursive-invocations.diff: There are more incorrect invocations of read_tree_recursive(), one example can be seen when visiting one of the 'plain' links in the tree view (contents of the wrong file are shown). This time I did what I should have done last time and checked and adjusted all invocations of read_tree_recursive(). ------------------------------------------------------------------- Tue Nov 22 09:24:35 UTC 2011 - saschpe@suse.de - Add patch cgit-fix-print-tree.diff: The cgit build fix with respect to git-1.7.6 is incomplete: in the file ui-tree.c ls_tree() has been patched to use pathspec when invoking read_tree_recursive(), but cgit_print_tree() has no t been touched. The resulting problem can be seen when browsing the tree of a cgit repository: when you "drill down" into subfolders, parts of the parent folder's contents will appear in the listing. This patch adjusts cgit_print_tree() accordingly, which fixes the problem. ------------------------------------------------------------------- Fri Oct 14 10:13:03 CEST 2011 - tiwai@suse.de - split from OBS git repo to an individual repo (since cgit-0.9 doesn't build with git-1.7.7) - merged fixes in git repo back to cgit repo - updated to git 1.7.6.4 ------------------------------------------------------------------- Wed Aug 3 21:35:48 UTC 2011 - asn@cryptomilk.org - updated to cgit 0.9.0.2 - fixed potential XSS vulnerability in rename hint - fixed a segfault with git 1.7.6 ------------------------------------------------------------------- Mon Jun 27 18:22:11 CEST 2011 - tiwai@suse.de - updated to git 1.7.6: see git changelog for more details ------------------------------------------------------------------- Mon Jun 6 16:03:34 CEST 2011 - tiwai@suse.de - updated to git 1.7.5.4: see git changelog for more details ------------------------------------------------------------------- Mon Jun 6 12:24:02 CEST 2011 - tiwai@suse.de - Fix incompatibilies with git 1.7.5.x to build cgit again ------------------------------------------------------------------- Wed Jun 1 12:41:12 UTC 2011 - mmarek@novell.com - Do not buildrequire git, the package builds it's own git and the buildrequires line only makes backporting harder. ------------------------------------------------------------------- Fri May 27 11:54:43 CEST 2011 - tiwai@suse.de - updated git 1.7.5.3: See git changelog for more details ------------------------------------------------------------------- Mon Mar 28 18:26:17 CEST 2011 - tiwai@suse.de - updated to git 1.7.4.2: documentation updates, small bug fixes; see included Documentation/RelNotes/1.7.4.2.txt - updated to cgit 0.9: major updates; using git-1.7.4.x ------------------------------------------------------------------- Fri Dec 17 17:51:32 CET 2010 - tiwai@suse.de - updated to git 1.7.3.3: In addition to the usual fixes, this release also includes support for the new "add.ignoreErrors" name given to the existing "add.ignore-errors" configuration variable. - updated to git 1.7.3.4: Among many fixes since v1.7.3.3, it contains a fix to a recently discovered XSS vulnerability in Gitweb (CVE 2010-3906) ------------------------------------------------------------------- Thu Sep 30 08:21:27 CEST 2010 - tiwai@suse.de - updated to git 1.7.3: major version update; new options and behavior for git-rebase, git-clean, git-checkout, git-gui. See release note: http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.3.txt - updated to git 1.7.3.1: fix git-stash breakages - Set NO_CROSS_DIRECTORY_HARDLINKS=1 to satisfy BS ------------------------------------------------------------------- Fri Aug 20 17:41:32 CEST 2010 - anschneider@exsuse.de - fixed more segfaults in cgit. ------------------------------------------------------------------- Fri Aug 20 16:29:03 CEST 2010 - anschneider@exsuse.de - fix cgit segfault when using git > 1.7 - update to version 0.8.3.3 - get debuginfo working, don't strip binaries. ------------------------------------------------------------------- Fri Aug 20 10:02:44 CEST 2010 - tiwai@suse.de - updated to git 1.7.2.2 ------------------------------------------------------------------- Thu Jul 29 13:52:36 CEST 2010 - tiwai@suse.de - fix missing link with libpthread ------------------------------------------------------------------- Thu Jul 29 13:43:28 CEST 2010 - tiwai@suse.de - updated to git 1.7.2.1: minor fixes for git-instaweb, git-web, git-config. See release note: http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.1.txt ------------------------------------------------------------------- Thu Jul 22 12:19:02 CEST 2010 - tiwai@suse.de - updated to git 1.7.2: mostly bug fixes and small enhancements; see the release note: http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.txt - gitweb stuff is moved to /usr/share/gitweb ------------------------------------------------------------------- Sun Apr 25 18:29:34 UTC 2010 - poletti.marco@gmail.com - Build against version 1.7.0.3 of git instead of 1.6.4.3. ------------------------------------------------------------------- Fri Feb 5 16:37:58 UTC 2010 - poletti.marco@gmail.com - Initial release, version 0.8.3.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor