projects / git.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 2850c1a 9db41eb)
Git 1.7.2.5 v1.7.2.5
authorJunio C Hamano <gitster@pobox.com>
Wed, 15 Dec 2010 19:45:36 +0000 (11:45 -0800)
committerJunio C Hamano <gitster@pobox.com>
Wed, 15 Dec 2010 19:45:36 +0000 (11:45 -0800)
Signed-off-by: Junio C Hamano <gitster@pobox.com>
1  2 
Documentation/RelNotes/1.7.2.5.txt patch | | | blob
GIT-VERSION-GEN patch | diff1 | diff2 | blob | history
RelNotes patch | diff1 | diff2 | blob | history
gitweb/gitweb.perl patch | diff1 | diff2 | blob | history

diff --cc Documentation/RelNotes/1.7.2.5.txt
index 0000000000000000000000000000000000000000,0000000000000000000000000000000000000000..bf976c40db7abd2fb4475e449e5d2194c4bc0cdc
new file mode 100644 (file)
--- /dev/null
--- /dev/null
+++ b/Documentation/RelNotes/1.7.2.5.txt
@@@ -1,0 -1,0 +1,8 @@@
++Git v1.7.2.5 Release Notes
++==========================
++
++Fixes since v1.7.2.4
++--------------------
++
++ * "gitweb" can sometimes be tricked into parrotting a filename argument
++   given in a request without properly quoting.
diff --cc GIT-VERSION-GEN
index 1c0f85c2bd459d384205222120286a554c9bd968,5e8077ebf47ebf749adbc63ee550028fb74d5378..ec4c49a90daacc11072f8285e5879378156c22a8
--- 1/GIT-VERSION-GEN
--- 2/GIT-VERSION-GEN
+++ b/GIT-VERSION-GEN
@@@ -1,7 -1,7 +1,7 @@@
  #!/bin/sh
  
  GVF=GIT-VERSION-FILE
- DEF_VER=v1.7.2.4
 -DEF_VER=v1.7.1.4
++DEF_VER=v1.7.2.5
  
  LF='
  '
diff --cc RelNotes
index c81a98e070a1d9e8ef2ca56e1b18fcbffba19cf7,86af99bd3774d6e35785c12725e1134da023a223..17d37af54951e3179282cad837ee0beb271eb4e9
--- 1/RelNotes
--- 2/RelNotes
+++ b/RelNotes
@@@ -1,1 -1,1 +1,1 @@@
- Documentation/RelNotes/1.7.2.4.txt
 -Documentation/RelNotes/1.7.1.4.txt
++Documentation/RelNotes/1.7.2.5.txt
diff --cc gitweb/gitweb.perl
index 84261bba34dcdf436bb3b87ab88c67353ea4f4dd,b51f5bfb2f3e1b440a1815ad6163441ba97c8c70..8b8ab2960793d591bcd8bf572e882339b9674a04
--- 1/gitweb/gitweb.perl
--- 2/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@@ -5629,8 -5408,10 +5636,8 @@@ sub git_blob 
                        chomp $line;
                        $nr++;
                        $line = untabify($line);
 -                      printf "<div class=\"pre\"><a id=\"l%i\" href=\""
 -                              . esc_attr(href(-replay => 1))
 -                              . "#l%i\" class=\"linenr\">%4i</a> %s</div>\n",
 -                             $nr, $nr, $nr, esc_html($line, -nbsp=>1);
 +                      printf qq!<div class="pre"><a id="l%i" href="%s#l%i" class="linenr">%4i</a> %s</div>\n!,
-                              $nr, href(-replay => 1), $nr, $nr, $syntax ? $line : esc_html($line, -nbsp=>1);
++                             $nr, esc_attr(href(-replay => 1)), $nr, $nr, $syntax ? $line : esc_html($line, -nbsp=>1);
                }
        }
        close $fd
Git—the stupid content tracker