Synopsis: Moderate: git security update Issue date: 2010-12-21 CVE Names: CVE-2010-3906 A cross-site scripting (XSS) flaw was found in gitweb, a simple web interface for Git repositories. A remote attacker could perform an XSS attack against victims by tricking them into visiting a specially-crafted gitweb URL. (CVE-2010-3906) SL 6.x SRPMS: git-1.7.1-2.el6_0.1.src.rpm i386: emacs-git-1.7.1-2.el6_0.1.noarch.rpm emacs-git-el-1.7.1-2.el6_0.1.noarch.rpm git-1.7.1-2.el6_0.1.i686.rpm git-all-1.7.1-2.el6_0.1.noarch.rpm git-cvs-1.7.1-2.el6_0.1.noarch.rpm git-daemon-1.7.1-2.el6_0.1.i686.rpm git-email-1.7.1-2.el6_0.1.noarch.rpm git-gui-1.7.1-2.el6_0.1.noarch.rpm gitk-1.7.1-2.el6_0.1.noarch.rpm git-svn-1.7.1-2.el6_0.1.noarch.rpm gitweb-1.7.1-2.el6_0.1.noarch.rpm perl-Git-1.7.1-2.el6_0.1.noarch.rpm x86_64: emacs-git-1.7.1-2.el6_0.1.noarch.rpm emacs-git-el-1.7.1-2.el6_0.1.noarch.rpm git-1.7.1-2.el6_0.1.x86_64.rpm git-all-1.7.1-2.el6_0.1.noarch.rpm git-cvs-1.7.1-2.el6_0.1.noarch.rpm git-daemon-1.7.1-2.el6_0.1.x86_64.rpm git-email-1.7.1-2.el6_0.1.noarch.rpm git-gui-1.7.1-2.el6_0.1.noarch.rpm gitk-1.7.1-2.el6_0.1.noarch.rpm git-svn-1.7.1-2.el6_0.1.noarch.rpm gitweb-1.7.1-2.el6_0.1.noarch.rpm perl-Git-1.7.1-2.el6_0.1.noarch.rpm -Connie Sieh -Troy Dawson