]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - doc/security.mdwn
projects / git.ikiwiki.info.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Rebuild for jessie-backports
[git.ikiwiki.info.git] / doc / security.mdwn
diff --git a/doc/security.mdwn b/doc/security.mdwn
index c08d658c84b0cc0bee96d0343a04d0ce2eead690..317a534cad8aad4f13485bc59435eeabc7672b85 100644 (file)
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -566,7 +566,8 @@ This bug was reported on 2016-12-17. A partially fixed version
 version was not effective with git versions older than 2.8.0.
 
 ([[!cve CVE-2016-10026]] represents the original vulnerability.
-OVE-20161226-0002 represents the incomplete fix in 3.20161219.)
+[[!cve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability
+in 3.20161219 caused by the incomplete fix.)
 
 ## Commit metadata forgery via CGI::FormBuilder context-dependent APIs
 
@@ -588,4 +589,4 @@ of them relatively minor:
   could potentially forge commit authorship (attribute their edit to
   someone else) by crafting multiple values for the rcsinfo field
 
-(OVE-20161226-0001)
+([[!cve CVE-2016-9646]]/OVE-20161226-0001)
Unnamed repository; edit this file 'description' to name the repository.