diff --git a/0001-Fix-potential-XSS-vulnerability-in-rename-hint.patch b/0001-Fix-potential-XSS-vulnerability-in-rename-hint.patch deleted file mode 100644 index 9344e77..0000000 --- a/0001-Fix-potential-XSS-vulnerability-in-rename-hint.patch +++ /dev/null @@ -1,39 +0,0 @@ -From bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 Mon Sep 17 00:00:00 2001 -From: Lukas Fleischer -Date: Fri, 22 Jul 2011 13:47:19 +0200 -Subject: [PATCH] Fix potential XSS vulnerability in rename hint - -The file name displayed in the rename hint should be escaped to avoid -XSS. Note that this vulnerability is only applicable when an attacker -has gained push access to the repository. - -Signed-off-by: Lukas Fleischer -Signed-off-by: Lars Hjemli ---- - ui-diff.c | 10 ++++++---- - 1 files changed, 6 insertions(+), 4 deletions(-) - -diff --git a/ui-diff.c b/ui-diff.c -index d21541b..383a534 100644 ---- a/ui-diff.c -+++ b/ui-diff.c -@@ -97,10 +97,12 @@ static void print_fileinfo(struct fileinfo *info) - htmlf("", class); - cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1, - ctx.qry.sha2, info->new_path, 0); -- if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) -- htmlf(" (%s from %s)", -- info->status == DIFF_STATUS_COPIED ? "copied" : "renamed", -- info->old_path); -+ if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) { -+ htmlf(" (%s from ", -+ info->status == DIFF_STATUS_COPIED ? "copied" : "renamed"); -+ html_txt(info->old_path); -+ html(")"); -+ } - html(""); - if (info->binary) { - htmlf("bin%ld -> %ld bytes", --- -1.7.6.rc1 - diff --git a/cgit.spec b/cgit.spec index c28d192..a5143ab 100644 --- a/cgit.spec +++ b/cgit.spec @@ -1,6 +1,6 @@ # Review bug: https://bugzilla.redhat.com/479723 -%global gitver 1.8.3 +%global gitver 1.8.5 %global cachedir %{_localstatedir}/cache/%{name} %global filterdir %{_libexecdir}/%{name}/filters %global scriptdir %{_localstatedir}/www/cgi-bin @@ -17,11 +17,12 @@ make V=1 %{?_smp_mflags} \\\ CGIT_SCRIPT_NAME=cgit \\\ CGIT_DATA_PATH=%{cgitdata} \\\ docdir=%{docdir} \\\ - filterdir=%{filterdir} + filterdir=%{filterdir} \\\ + prefix=%{_prefix} Name: cgit -Version: 0.9.2 -Release: 2%{?dist} +Version: 0.10 +Release: 1%{?dist} Summary: A fast web interface for git Group: Development/Tools @@ -31,7 +32,6 @@ Source0: http://git.zx2c4.com/cgit/snapshot/%{name}-%{version}.tar.xz Source1: http://git-core.googlecode.com/files/git-%{gitver}.tar.gz Source2: cgitrc Source3: cgit.httpd -Source4: README.SELinux # On all but RHEL5 highlight is version 3. %if 0%{?fedora} || 0%{?rhel} >= 6 Patch1: cgit-0.9.1-highlightv3.patch @@ -65,10 +65,6 @@ rm -rf git mv git-%{gitver} git sed -i 's/^\(CFLAGS = \).*/\1%{optflags}/' git/Makefile -# add README.SELinux -cp -p %{SOURCE4} . - - %build %{make_cgit} @@ -102,6 +98,9 @@ rm -rf %{buildroot} %changelog +* Wed Feb 19 2014 Kevin Fenzi 0.10-1 +- Update to 0.10 + * Sat Aug 03 2013 Fedora Release Engineering - 0.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild diff --git a/sources b/sources index e141ea4..7b55382 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -fe11018eff8d79caad112f4fac64b90f cgit-0.9.2.tar.xz -d91b6099fb6763cf92c696977a247060 git-1.8.3.tar.gz +16448b1cfd62fcbe738729edc6279e14 git-1.8.5.tar.gz +19944c17ecea1b1d1944718ce8ce6b61 cgit-0.10.tar.xz