)]}'
{
  "commit": "3017ed62f47ce14a959e2d315c434d4980cf4243",
  "tree": "de50397d2e5078ee325ea4e332b2825732639bd0",
  "parents": [
    "1b0b962d771fb734cbf273f216b487bb58dec7b9"
  ],
  "author": {
    "name": "Jakub Narebski",
    "email": "jnareb@gmail.com",
    "time": "Wed Dec 15 00:34:01 2010 +0100"
  },
  "committer": {
    "name": "Junio C Hamano",
    "email": "gitster@pobox.com",
    "time": "Wed Dec 15 11:16:31 2010 -0800"
  },
  "message": "gitweb: Introduce esc_attr to escape attributes of HTML elements\n\nIt is needed only to escape attributes of handcrafted HTML elements,\nand not those generated using CGI.pm subroutines / methods for HTML\ngeneration.\n\nWhile at it, add esc_url and esc_html where needed, and prefer to use\nCGI.pm HTML generating methods than handcrafted HTML code.  Most of\nthose are probably unnecessary (could be exploited only by person with\nwrite access to gitweb config, or at least access to the repository).\n\nThis fixes CVE-2010-3906\n\nReported-by: Emanuele Gentili \u003ce.gentili@tigersecurity.it\u003e\nHelped-by: John \u0027Warthog9\u0027 Hawley \u003cwarthog9@kernel.org\u003e\nHelped-by: Jonathan Nieder \u003cjrnieder@gmail.com\u003e\nSigned-off-by: Jakub Narebski \u003cjnareb@gmail.com\u003e\nSigned-off-by: Junio C Hamano \u003cgitster@pobox.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "2cb832753a449aba64cc0e4b0f2c7878bb3871f5",
      "old_mode": 33261,
      "old_path": "gitweb/gitweb.perl",
      "new_id": "c3a04b122352650e22f81f7ae5acdc3cdf100135",
      "new_mode": 33261,
      "new_path": "gitweb/gitweb.perl"
    }
  ]
}