You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa cgit

Sigurnosni nedostaci programskog paketa cgit

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-01-26 14:49:54.835691

Name : cgit
Product : Fedora 23
Version : 0.12
Release : 1.fc23
Summary : A fast web interface for git
Description :
Cgit is a fast web interface for git. It uses caching to increase performance.

Update Information:

Update to 0.12. Fixes bug #1298912

[ 1 ] Bug #1298851 – CVE-2016-1899 cgit: Reflected XSS and header injection in mimetype query string
[ 2 ] Bug #1298854 – CVE-2016-1900 cgit: Stored Cross Site Scripting & Header Injection in Filename Parameter
[ 3 ] Bug #1298860 – CVE-2016-1901 cgit: Integer Overflow resulting in Buffer Overflow

This update can be installed with the “yum” update program. Use
su -c ‘yum update cgit’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarijo Plepelic
Cert idNCERT-REF-2016-01-0006-ADV
More in Preporuke
Ranjivosti programskog paketa firefox

Otkrivene su ranjivosti u programskom paketu firefox za RHEL 5, 6 i 7. Ranjivosti su posljedica neodgovarajuće obrade posebno oblikovanog...