News for package cgit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: cgit
Binary: cgit
Architecture: any
Version: 1.1+git2.10.2-3+deb9u1
Maintainer: Debian Cgit Packaging Team <pkg-cgit-devel@lists.alioth.debian.org>
Uploaders: Alexander Wirt <formorer@debian.org>, Peter Colberg <peter@colberg.org>
Homepage: https://git.zx2c4.com/cgit/
Standards-Version: 3.9.8
Vcs-Browser: https://anonscm.debian.org/git/pkg-cgit/pkg-cgit.git
Vcs-Git: https://anonscm.debian.org/git/pkg-cgit/pkg-cgit.git
Build-Depends: asciidoc-base | asciidoc, debhelper (>= 10), dh-apache2, docbook-xsl, liblua5.1-0-dev, libssl-dev, libxml2-utils, pkg-config, strace [linux-any], tidy, unzip, xmlto, zlib1g-dev
Package-List:
 cgit deb net extra arch=any
Checksums-Sha1:
 37d74a9266a995c4fc53bd78a5affdf8d214e174 6118627 cgit_1.1+git2.10.2.orig.tar.gz
 2c5292295fcc0f1e081e7812d569fa271e1bc8d2 11508 cgit_1.1+git2.10.2-3+deb9u1.debian.tar.xz
Checksums-Sha256:
 ca271d2cd188bd8a1d9a103c3d5e889ac67169bd2b9b554fbdaa98cf76e8a2bb 6118627 cgit_1.1+git2.10.2.orig.tar.gz
 2768eec1f9bc23d762276ce45732bd844ee7835893d898be06094606506cd8c0 11508 cgit_1.1+git2.10.2-3+deb9u1.debian.tar.xz
Files:
 ed3b45ecf5b8bc4afe92ace523548b26 6118627 cgit_1.1+git2.10.2.orig.tar.gz
 a422ce22211961179d0efabafad6d3d4 11508 cgit_1.1+git2.10.2-3+deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAltlgdVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EoqAP/RMV12828EU9TmPxL/85AZ8lAUv4br66
AtKT5WqfXb/p3yQVnwNFZk4ycyGNz8MwPVX1aAXJ4FznBIeksqxL4N9B9VwKWiWL
I+3rbdQREsslFC43AvstECx7aEBoB4Z3O6+EYLRVIqBk+m1fH4dGQtlE28d+l7SR
c1FBaC5BNBl/6uqA3UCaGbeOPaxdKkPnfjpaX3rxRqi+Q00u2+gUFtjZlF1mY2FW
3FLlcu9bzjOtnqSQXQLiLb+AV2y2qndTKsfs+TkbJ5TxMirJPlcqARi41VuxVxbG
CTNhb1S8LBfiKD0zDWK+nQjkVc0cKb4eMKnTNRDZ02GVFhMWHaeUCo7ZQ+i9zuIA
0LO0YoR90DLUomDdv+mtO5d+BjrzUuEOgVxJ98tjva3riemmjNUwf69l10MjRaP7
ShiwsPLfkhfs2pUvAFPb86iNWKIbukUUcDpuEUM8fYwCma8A8r8wNWT5Xpx2unVI
fSAucrYI0iIkvDd+/0XaYWgHBct2RZXJ5fKwW617Kc8gHuX251afgCWCvcphSFar
Lk0tUqZ3cbEBA/Uid7IL2ldVmUMyeVq4Slrhe2g7ClakEPX/kdQS4X4SCGPfORud
E5vIyC+eqYc/zuhpffidKEpe0cA/ua4uc4myaRIKadvzF/SkTxTRv7Yhltn902vR
UIrQGtk05yGA
=VeXB
-----END PGP SIGNATURE-----

<span id="changes">Changes:</span>
cgit (1.1+git2.10.2-3+deb9u1) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * clone: fix directory traversal (CVE-2018-14912) (Closes: #905382)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 04 Aug 2018 12:27:48 +0200