From 8685d0606ab89d39c7639b07cbf6cdde0060328c Mon Sep 17 00:00:00 2001 From: Girish Ramakrishnan Date: Fri, 11 Aug 2017 11:28:59 -0700 Subject: [PATCH 1/2] Update git https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b9cd4b1..e2d214d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM cloudron/base:0.10.0 ENV VERSION 1.1.3 RUN apt-get update && \ - apt-get install -y openssh-server && \ + apt-get install -y openssh-server git && \ rm -rf /etc/ssh_host_* && \ rm -r /var/cache/apt /var/lib/apt/lists From 8b65c0a5db1833c0757c87436ea2f0c1bfd9374e Mon Sep 17 00:00:00 2001 From: Girish Ramakrishnan Date: Fri, 11 Aug 2017 11:58:28 -0700 Subject: [PATCH 2/2] Version 1.0.1 --- CHANGELOG | 5 +++++ CloudronManifest.json | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index 72a322e..f2c7b61 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -13,3 +13,8 @@ [1.0.0] * Update to version 1.1.3 +[1.0.1] +* Update Git to v2.7.4-0ubuntu1.2 +* Fixes critical security issue that allows remote command execution in git +* https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html + diff --git a/CloudronManifest.json b/CloudronManifest.json index 3e5307b..e2e981e 100644 --- a/CloudronManifest.json +++ b/CloudronManifest.json @@ -4,7 +4,7 @@ "author": "Gitea developers", "description": "file://DESCRIPTION.md", "tagline": "A painless self-hosted Git Service", - "version": "1.0.0", + "version": "1.0.1", "healthCheckPath": "/healthcheck", "httpPort": 3000, "addons": {