Mandriva Linux Security Advisory 2010-256 - A cross-site scripting vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables. The updated packages have been patched to correct this issue.
12cc44b1f8163524c2c9ae6870b8f546fbe57f84baf66e8584fb168f16d0fad7