| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: cgit | Distribution: openSUSE Leap 16.0 |
| Version: 1.2.3 | Vendor: openSUSE |
| Release: lp160.1.1 | Build date: Wed Sep 25 20:18:12 2024 |
| Group: Development/Tools/Version Control | Build host: reproducible |
| Size: 1475452 | Source RPM: cgit-1.2.3-lp160.1.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: http://git.zx2c4.com/cgit/ | |
| Summary: A web frontend for git repositories | |
A web interface for the Git SCM, using a built-in cache to decrease server I/O pressure.
GPL-2.0-only
* Wed Sep 25 2024 Thorsten Kukuk <kukuk@suse.com>
- Add /srv/www directories to filelist [bsc#1231027]
* Tue Mar 17 2020 Paolo Stivanin <info@paolostivanin.com>
- Update to new upstream release 1.2.3
* Offer lzip and zstd as compression methods through the webui.
* ui-tree: allow per repository override for enable-blame.
- Bump git to latest upstream release 2.25.1
* Mon May 20 2019 Christophe Giboudeaux <christophe@krop.fr>
- Add the missing zlib requirement.
* Thu Dec 06 2018 Jan Engelhardt <jengelh@inai.de>
- Create a /var/cache/cgit [boo#1116567]
- Update bundled git to 2.18.1
- Remove cgit-optflags.diff
* Sun Aug 05 2018 jengelh@inai.de
- Update to new upstream release 1.2.1
* fixes CVE-2018-14912 directory traversal vulnerability
[boo#1103799]
* syntax-highlighting: replace invalid unicode with '?'
* ui-repolist: properly sort by age
* ui-patch: fix crash when using path limit
- Remove cgit-built-with-git-v2.11.0.patch (merged upstream)
* Sat Feb 11 2017 jengelh@inai.de
- Update bundled git to 2.11.1
* Thu Jan 19 2017 vsvecova@suse.com
- Version bump to v1.1:
* For more information see complete changelog at
https://git.zx2c4.com/cgit/log/
- Add cgit-built-with-git-v2.11.0.patch
* Thu Jan 05 2017 vcizek@suse.com
- remove redundant gnu-crypto BuildRequires
* Mon Jun 13 2016 astieger@suse.com
- cgit 1.0:
* Add repo.homepage/gitweb.homepage setting and homepage tab.
* Considerable internal cleanups.
* Show reverse paths in title bar so that browser tab shows
filename.
* Add syntax highlighting to md2html.
* Allow redirects even when caching is turned on.
* Fix empty PATH_INFO on redirect.
* Better HTML5 compliance.
* Simplified decorations.
* Show repo's root directory in plain view.
* Date printing and timezone normalization.
* Unicode issues in syntax highlighting.
* Account for caches with empty key.
* Use size_t for all lengths.
* More gracefully deal with unparsable commits.
- with git 2.8.3
- the following patches are now included upstream git 2.8.3:
0012-http-push-stop-using-name_path.patch
0013-show_object_with_name-simplify-by-using-path_name.patch
0014-list-objects-convert-name_path-to-a-strbuf.patch
0015-list-objects-drop-name_path-entirely.patch
0016-list-objects-pass-full-pathname-to-callbacks.patch
* Wed Mar 16 2016 tiwai@suse.de
- Fix remote code execution via buffer overflow (CVE-2016-2315,
CVE-2016-2324, bsc#971328):
0012-http-push-stop-using-name_path.patch
0013-show_object_with_name-simplify-by-using-path_name.patch
0014-list-objects-convert-name_path-to-a-strbuf.patch
0015-list-objects-drop-name_path-entirely.patch
0016-list-objects-pass-full-pathname-to-callbacks.patch
* Thu Jan 14 2016 jengelh@inai.de
- Update to new upstream release 0.12
* Show remote refs in branch switcher combobox.
* Add sample post-receive hook in /contrib.
* Add HTML escaping to filters.
* Add "enable-follow-links" option to have the log UI
behave the same way as "git log --follow", as well
as updating the diffand commit UIs.
* Errors are now cached under the dynamic-ttl setting.
* Simplified filters and converters.
* Add "enable-html-serving" to turn on serving of HTML mimetypes
from the /plain handler, to prevent against stored XSS.
* /blob no longer takes a mimetype query string parameter.
- Resolve: Reflected Cross Site Scripting & Header Injection in
Mimetype Query String; Stored Cross Site Scripting & Header
Injection in Filename Parameter; Stored Cross Site Scripting in
Git Repo Files; Integer Overflow resulting in Buffer Overflow
[boo#961916 CVE-2016-1899 CVE-2016-1900 CVE-2016-1901]
- Update bundled git tarball to 2.7.0 (build-time requirement)
* Tue Oct 06 2015 jengelh@inai.de
- Update bundled git tarball to 2.6.1 [bnc#948969]
* Thu Sep 24 2015 jengelh@inai.de
- Update bundled git tarball to 2.5.3
* Tue Jun 09 2015 jengelh@inai.de
- Update bundled git tarball to 2.4.3
* Mon May 04 2015 jengelh@inai.de
- Update to new upstream release 0.11.2
* addition of a Lua scripting engine
* fine-grained authentication support through the new Lua
scripting system
* support for the "rawdiff" command was added
* sendfile() is now used when available (Linux systems) instead
of a loop of read() and write(). This should significantly
increase performance for high volume sites which make heavy use
of the caching feature, as it saves copies to and from
user-space.
* Caching granularity is now improved with the introduction of
the cache-snapshot-ttl option, which allows configuration of
the ttl for tarball and zip snapshots of repositories.
* When filtering in the index, make the sorting links point to
the same filtered page of results
* Take into account leading slashes when comptuing links
- Avoid double %setup (messes with quilt). Simplify filelist.
%doc for man is implicit.
- Drop cgit-git-1.7.6_build_fix.patch,
cgit-fix-print-tree.diff,
cgit-fix-more-read_tree_recursive-invocations.diff,
cgit-CVE-2013-2117-disallow-directory-traversal.patch
- Add signature for the git core tarball.
* Mon Nov 24 2014 guillaume@opensuse.org
- Fix css and logo path in cgitrc file (replace /git by /cgit)
* Mon Oct 06 2014 jengelh@inai.de
- Remove ancient specfile tags/sections
- Enable parallel build
* Fri Jul 05 2013 tiwai@suse.de
- Fix VUL-0: cgit: remote file disclosure flaw (CVE-2013-2117,
bnc#822166)
* Tue Nov 20 2012 vjt@openssl.it
- BuildRequire xz
* Tue Nov 20 2012 tiwai@suse.de
- updated to cgit-0.9.1:
Enhancements:
- path-selected submodule links
- intelligent default branch guessing
- /etc/mime.types lookup
- gitweb.* and cgit.* git-config support
- case insensitive sorting and age sorting
- commit, repository, and section sorting
- bold currently viewed page in pagination
- support BSDs in makefile
Security:
- CVE-2012-4465: heap-buffer overflow in parsing.c
- CVE-2012-4548: syntax highlighting command injection
Bug Fixes:
- transition maintainer to Jason Donenfeld (zx2c4)
- download git snapshot from github instead of Lars' old server
- css fixes
- stablization of tests
- more compatible default highlight script
- suppress gzip timestamp so that tarballs only use tar timestamps
- treat ctags as target in makefile
- do not let global variables override certain local repo settings
- print ampersand as proper html entity
- use placeholder for empty commit subject
- format diff view for addition and removal of files
- point links at correct blob from ssdiff
- drop obsoleted patches
cgit-CVE-2011-2711-fix.diff
cgit-CVE-2012-4465-fix.diff
cgit-CVE-2012-4548-fix.diff
* Mon Oct 29 2012 tiwai@suse.de
- cgit-CVE-2012-4548-fix.diff:
Fix VUL-0: cgit: arbitrary code / command execution via
improperly quoted arguments (CVE-2012-4548, bnc#787074)
* Wed Oct 10 2012 tiwai@suse.de
- Fix VUL-0: specially-crafted commits can trigger a heap-based
buffer overflow (CVE-2012-4465, bnc#783012)
* Mon Feb 13 2012 coolo@suse.com
- patch license to follow spdx.org standard
* Mon Nov 28 2011 zooey@hirschkaefer.de
- Add patch cgit-fix-more-read_tree_recursive-invocations.diff:
There are more incorrect invocations of read_tree_recursive(),
one example can be seen when visiting one of the 'plain' links
in the tree view (contents of the wrong file are shown).
This time I did what I should have done last time and checked
and adjusted all invocations of read_tree_recursive().
* Tue Nov 22 2011 saschpe@suse.de
- Add patch cgit-fix-print-tree.diff:
The cgit build fix with respect to git-1.7.6 is incomplete: in
the file ui-tree.c ls_tree() has been patched to use pathspec
when invoking read_tree_recursive(), but cgit_print_tree() has
no t been touched.
The resulting problem can be seen when browsing the tree of a cgit
repository: when you "drill down" into subfolders, parts of the
parent folder's contents will appear in the listing.
This patch adjusts cgit_print_tree() accordingly, which fixes the problem.
* Fri Oct 14 2011 tiwai@suse.de
- split from OBS git repo to an individual repo (since cgit-0.9
doesn't build with git-1.7.7)
- merged fixes in git repo back to cgit repo
- updated to git 1.7.6.4
* Wed Aug 03 2011 asn@cryptomilk.org
- updated to cgit 0.9.0.2
- fixed potential XSS vulnerability in rename hint
- fixed a segfault with git 1.7.6
* Mon Jun 27 2011 tiwai@suse.de
- updated to git 1.7.6: see git changelog for more details
* Mon Jun 06 2011 tiwai@suse.de
- updated to git 1.7.5.4: see git changelog for more details
* Mon Jun 06 2011 tiwai@suse.de
- Fix incompatibilies with git 1.7.5.x to build cgit again
* Wed Jun 01 2011 mmarek@novell.com
- Do not buildrequire git, the package builds it's own git and the
buildrequires line only makes backporting harder.
* Fri May 27 2011 tiwai@suse.de
- updated git 1.7.5.3:
See git changelog for more details
* Mon Mar 28 2011 tiwai@suse.de
- updated to git 1.7.4.2:
documentation updates, small bug fixes;
see included Documentation/RelNotes/1.7.4.2.txt
- updated to cgit 0.9:
major updates; using git-1.7.4.x
* Fri Dec 17 2010 tiwai@suse.de
- updated to git 1.7.3.3:
In addition to the usual fixes, this release also includes
support for the new "add.ignoreErrors" name given to the
existing "add.ignore-errors" configuration variable.
- updated to git 1.7.3.4:
Among many fixes since v1.7.3.3, it contains a fix to a recently
discovered XSS vulnerability in Gitweb (CVE 2010-3906)
* Thu Sep 30 2010 tiwai@suse.de
- updated to git 1.7.3:
major version update; new options and behavior for git-rebase,
git-clean, git-checkout, git-gui.
See release note:
http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.3.txt
- updated to git 1.7.3.1:
fix git-stash breakages
- Set NO_CROSS_DIRECTORY_HARDLINKS=1 to satisfy BS
* Fri Aug 20 2010 anschneider@exsuse.de
- fixed more segfaults in cgit.
* Fri Aug 20 2010 anschneider@exsuse.de
- fix cgit segfault when using git > 1.7
- update to version 0.8.3.3
- get debuginfo working, don't strip binaries.
* Fri Aug 20 2010 tiwai@suse.de
- updated to git 1.7.2.2
* Thu Jul 29 2010 tiwai@suse.de
- fix missing link with libpthread
* Thu Jul 29 2010 tiwai@suse.de
- updated to git 1.7.2.1: minor fixes for git-instaweb, git-web,
git-config. See release note:
http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.1.txt
* Thu Jul 22 2010 tiwai@suse.de
- updated to git 1.7.2: mostly bug fixes and small enhancements;
see the release note:
http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.txt
- gitweb stuff is moved to /usr/share/gitweb
* Sun Apr 25 2010 poletti.marco@gmail.com
- Build against version 1.7.0.3 of git instead of 1.6.4.3.
* Fri Feb 05 2010 poletti.marco@gmail.com
- Initial release, version 0.8.3.1
/etc/cgitrc /srv/www /srv/www/cgi-bin /srv/www/cgi-bin/cgit /srv/www/cgi-bin/cgit/cgit.cgi /srv/www/htdocs /srv/www/htdocs/cgit /srv/www/htdocs/cgit/cgit.css /srv/www/htdocs/cgit/cgit.png /srv/www/htdocs/cgit/favicon.ico /srv/www/htdocs/cgit/robots.txt /usr/lib/cgit /usr/lib/cgit/filters /usr/lib/cgit/filters/about-formatting.sh /usr/lib/cgit/filters/commit-links.sh /usr/lib/cgit/filters/email-gravatar.lua /usr/lib/cgit/filters/email-gravatar.py /usr/lib/cgit/filters/email-libravatar.lua /usr/lib/cgit/filters/file-authentication.lua /usr/lib/cgit/filters/gentoo-ldap-authentication.lua /usr/lib/cgit/filters/html-converters /usr/lib/cgit/filters/html-converters/man2html /usr/lib/cgit/filters/html-converters/md2html /usr/lib/cgit/filters/html-converters/rst2html /usr/lib/cgit/filters/html-converters/txt2html /usr/lib/cgit/filters/owner-example.lua /usr/lib/cgit/filters/simple-authentication.lua /usr/lib/cgit/filters/syntax-highlighting.py /usr/lib/cgit/filters/syntax-highlighting.sh /usr/share/doc/packages/cgit /usr/share/doc/packages/cgit/COPYING /usr/share/doc/packages/cgit/README /usr/share/man/man5/cgitrc.5.gz /var/cache/cgit
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Nov 16 00:16:38 2024