FEDORA-EPEL-2013-5992 created by tmz 7 years ago for Fedora EPEL 6
stable

A directory traversal vulnerability was discovered in cgit. By default, cgit is not affected. However, if cgit is configured to use a readme file from a filesystem path instead of from the git repo itself then files outside of the repository can be read.

Refer to the discussion on oss-security for further details:

http://www.openwall.com/lists/oss-security/2013/05/25/3

This update has been submitted for testing by tmz.

7 years ago

This update is currently being pushed to the Fedora EPEL 6 testing updates repository.

7 years ago

This update has been pushed to testing

7 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for stable by tmz.

7 years ago

This update has been submitted for stable by tmz.

7 years ago

This update is currently being pushed to the Fedora EPEL 6 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
BZ#967346 CVE-2013-2117 cgit: directory traversal
0
0
BZ#967662 CVE-2013-2117 cgit: directory traversal [epel-all]
0
0

Automated Test Results