Launchpad has imported 8 comments from the remote bug at
https://bugzilla.redhat.com/show_bug.cgi?id=479715.
If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
** Branch linked: lp:ubuntu/gutsy-security/git-core
** Branch linked: lp:ubuntu/hardy-security/git-core
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/317052
Title:
gitweb multiple remote command
** Also affects: gitweb (Ubuntu Hardy)
Importance: Undecided
Status: New
** Changed in: gitweb (Ubuntu Hardy)
Status: New = Fix Released
--
gitweb multiple remote command injections (CVE-2008-5516 CVE-2008-5517)
https://bugs.launchpad.net/bugs/317052
You received this bug
An update for this was released.
Thanks for the diff, David!
http://www.ubuntu.com/usn/USN-723-1
** Changed in: gitweb (Ubuntu)
Status: In Progress = Fix Released
--
gitweb multiple remote command injections (CVE-2008-5516 CVE-2008-5517)
https://bugs.launchpad.net/bugs/317052
You
** Changed in: gitweb (Ubuntu)
Status: Confirmed = In Progress
--
gitweb multiple remote command injections (CVE-2008-5516 CVE-2008-5517)
https://bugs.launchpad.net/bugs/317052
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
Here's a patch for it in hardy, would be good to see this released..
** Attachment added: hardy-gitweb-cve2008-5516.diff
http://launchpadlibrarian.net/21551544/hardy-gitweb-cve2008-5516.diff
--
gitweb multiple remote command injections (CVE-2008-5516 CVE-2008-5517)
** Changed in: git (CentOS)
Status: Unknown = Confirmed
--
gitweb multiple remote command injections (CVE-2008-5516 CVE-2008-5517)
https://bugs.launchpad.net/bugs/317052
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
** Visibility changed to: Public
--
gitweb multiple remote command injections (CVE-2008-5516 CVE-2008-5517)
https://bugs.launchpad.net/bugs/317052
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
Thank you for using Ubuntu and taking the time to report a bug. This
package is in universe and is community-supported. If you are able,
perhaps you could prepare debdiffs to fix this by following
https://wiki.ubuntu.com/SecurityUpdateProcedures.
** Changed in: gitweb (Ubuntu)
Status: New