oss-sec mailing list archives

cgit convert_query_hexchar infinite loop (CVE-2011-1027)


From: Tomas Hoger <thoger () redhat com>
Date: Mon, 7 Mar 2011 09:07:38 +0100

Hi!

Jim Meyering discovered an infinite loop flaw in cgit.  The issue was
fixed upstream in 0.9 and 0.8.3.5.  Upstream commit has all the details:

http://hjemli.net/git/cgit/commit/?id=fc384b16fb9787380746000d3cea2d53fccc548e

-- 
Tomas Hoger / Red Hat Security Response Team

