Change log for git package in Ubuntu
| 1 → 75 of 216 results | First • Previous • Next • Last |
git (1:2.43.0-1ubuntu7) noble; urgency=high * No change rebuild against libcurl3t64-gnutls. -- Julian Andres Klode <email address hidden> Mon, 08 Apr 2024 16:39:51 +0200
Available diffs
- diff from 1:2.43.0-1ubuntu6 to 1:2.43.0-1ubuntu7 (326 bytes)
git (1:2.43.0-1ubuntu6) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 00:07:01 +0000
Available diffs
- diff from 1:2.43.0-1ubuntu5 to 1:2.43.0-1ubuntu6 (305 bytes)
git (1:2.43.0-1ubuntu5) noble; urgency=medium * Run tests again. -- Matthias Klose <email address hidden> Sat, 16 Mar 2024 13:18:21 +0100
Available diffs
- diff from 1:2.43.0-1ubuntu1 to 1:2.43.0-1ubuntu5 (404 bytes)
- diff from 1:2.43.0-1ubuntu4 to 1:2.43.0-1ubuntu5 (437 bytes)
| Superseded in noble-proposed |
git (1:2.43.0-1ubuntu4) noble; urgency=medium * Run tests again. -- Matthias Klose <email address hidden> Sat, 16 Mar 2024 13:18:21 +0100
Available diffs
- diff from 1:2.43.0-1ubuntu3 to 1:2.43.0-1ubuntu4 (314 bytes)
| Superseded in noble-proposed |
git (1:2.43.0-1ubuntu3) noble; urgency=medium * Don't run tests for a first build against libcurl3t64-gnutls. -- Matthias Klose <email address hidden> Sat, 16 Mar 2024 13:17:23 +0100
Available diffs
- diff from 1:2.43.0-1ubuntu2 to 1:2.43.0-1ubuntu3 (548 bytes)
| Superseded in noble-proposed |
git (1:2.43.0-1ubuntu2) noble; urgency=medium * No-change rebuild against libcurl3t64-gnutls -- Steve Langasek <email address hidden> Sat, 16 Mar 2024 06:55:53 +0000
Available diffs
- diff from 1:2.43.0-1ubuntu1 to 1:2.43.0-1ubuntu2 (330 bytes)
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
git (1:2.43.0-1ubuntu1) noble; urgency=medium
* Merge from Debian Unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
| Superseded in noble-proposed |
git (1:2.42.0-1ubuntu1) noble; urgency=medium
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
- diff from 1:2.40.1-1ubuntu1 to 1:2.42.0-1ubuntu1 (994.8 KiB)
git (1:2.34.1-1ubuntu1.10) jammy; urgency=medium
* Fix issue where untracked files are not recovered during a stash
pop/apply operation when a merge conflict is present. Untracked
files are now correctly restored regardless if a conflict is
present or not. (LP: #2026319)
- d/p/lp-2026319-stash-do-not-return-before-restoring-untracked-files.patch
-- Matthew Ruffell <email address hidden> Fri, 07 Jul 2023 14:31:14 +1200
| Superseded in noble-release |
| Published in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
git (1:2.40.1-1ubuntu1) mantic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
* Dropped changes, included upstream:
- debian/patches/CVE-2023_25652_25815_29007/0022-*.patch: apply
--reject overwriting existing .rej symlink if it exists in apply.c,
t/t4115-apply-symlink.sh.
- debian/patches/CVE-2023_25652_25815_29007/0024-*patch:
avoid using gettext if the locale dir is not present in
gettext.c.
- debian/patches/CVE-2023_25652_25815_29007/0025-*.patch: avoid
fixed-sized buffer when renaming/deleting a section in config.c,
t/t1300-config.sh.
- debian/patches/CVE-2023_25652_25815_29007/0026-*.patch: avoid
integer truncation in copy_or_rename_section_in_file() in config.c.
- debian/patches/CVE-2023_25652_25815_29007/0027-*.patch: disallow
overly-long lines in copy_or_rename_section_in_file in config.c.
Available diffs
git (1:2.17.1-1ubuntu0.18) bionic-security; urgency=medium
* SECURITY UPDATE: Overwriting path
- debian/patches/CVE-2023_25652_25815_29007/0022-*.patch: apply
--reject overwriting existing .rej symlink if it exists in apply.c,
t/t4115-apply-symlink.sh.
- CVE-2023-25652
* SECURITY UPDATE: Malicious placement of crafted messages
- debian/patches/CVE-2023_25652_25815_29007/0024-*patch:
avoid using gettext if the locale dir is not present in
gettext.c.
- CVE-2023-25815
* SECURITY UPDATE: Arbitrary configuration injection
- debian/patches/CVE-2023_25652_25815_29007/0025-*.patch: avoid
fixed-sized buffer when renaming/deleting a section in config.c.
- debian/patches/CVE-2023_25652_25815_29007/0026-*.patch: avoid
integer truncation in copy_or_rename_section_in_file() in config.c.
- debian/patches/CVE-2023_25652_25815_29007/0027-*.patch: disallow
overly-long lines in copy_or_rename_section_in_file in config.c.
- CVE-2023-29007
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 26 Apr 2023 11:14:45 -0300
Available diffs
git (1:2.25.1-1ubuntu3.11) focal-security; urgency=medium
* SECURITY UPDATE: Overwriting path
- debian/patches/CVE-2023_25652_25815_29007/0022-*.patch: apply
--reject overwriting existing .rej symlink if it exists in apply.c,
t/t4115-apply-symlink.sh.
- CVE-2023-25652
* SECURITY UPDATE: Malicious placement of crafted messages
- debian/patches/CVE-2023_25652_25815_29007/0024-*patch:
avoid using gettext if the locale dir is not present in
gettext.c.
- CVE-2023-25815
* SECURITY UPDATE: Arbitrary configuration injection
- debian/patches/CVE-2023_25652_25815_29007/0025-*.patch: avoid
fixed-sized buffer when renaming/deleting a section in config.c,
t/t1300-config.sh.
- debian/patches/CVE-2023_25652_25815_29007/0026-*.patch: avoid
integer truncation in copy_or_rename_section_in_file() in config.c.
- debian/patches/CVE-2023_25652_25815_29007/0027-*.patch: disallow
overly-long lines in copy_or_rename_section_in_file in config.c.
- CVE-2023-29007
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 26 Apr 2023 09:52:23 -0300
Available diffs
| Superseded in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
| Published in lunar-updates |
| Published in lunar-security |
git (1:2.39.2-1ubuntu1.1) lunar-security; urgency=medium
* SECURITY UPDATE: Overwriting path
- debian/patches/CVE-2023_25652_25815_29007/0022-*.patch: apply
--reject overwriting existing .rej symlink if it exists in apply.c,
t/t4115-apply-symlink.sh.
- CVE-2023-25652
* SECURITY UPDATE: Malicious placement of crafted messages
- debian/patches/CVE-2023_25652_25815_29007/0024-*patch:
avoid using gettext if the locale dir is not present in
gettext.c.
- CVE-2023-25815
* SECURITY UPDATE: Arbitrary configuration injection
- debian/patches/CVE-2023_25652_25815_29007/0025-*.patch: avoid
fixed-sized buffer when renaming/deleting a section in config.c,
t/t1300-config.sh.
- debian/patches/CVE-2023_25652_25815_29007/0026-*.patch: avoid
integer truncation in copy_or_rename_section_in_file() in config.c.
- debian/patches/CVE-2023_25652_25815_29007/0027-*.patch: disallow
overly-long lines in copy_or_rename_section_in_file in config.c.
- CVE-2023-29007
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 24 Apr 2023 13:01:23 -0300
Available diffs
git (1:2.34.1-1ubuntu1.9) jammy-security; urgency=medium
* SECURITY UPDATE: Overwriting path
- debian/patches/CVE-2023_25652_25815_29007/0022-*.patch: apply
--reject overwriting existing .rej symlink if it exists in apply.c,
t/t4115-apply-symlink.sh.
- CVE-2023-25652
* SECURITY UPDATE: Malicious placement of crafted messages
- debian/patches/CVE-2023_25652_25815_29007/0024-*patch:
avoid using gettext if the locale dir is not present in
gettext.c.
- CVE-2023-25815
* SECURITY UPDATE: Arbitrary configuration injection
- debian/patches/CVE-2023_25652_25815_29007/0025-*.patch: avoid
fixed-sized buffer when renaming/deleting a section in config.c,
t/t1300-config.sh.
- debian/patches/CVE-2023_25652_25815_29007/0026-*.patch: avoid
integer truncation in copy_or_rename_section_in_file() in config.c.
- debian/patches/CVE-2023_25652_25815_29007/0027-*.patch: disallow
overly-long lines in copy_or_rename_section_in_file in config.c.
- CVE-2023-29007
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 26 Apr 2023 06:43:33 -0300
Available diffs
git (1:2.37.2-1ubuntu1.5) kinetic-security; urgency=medium
* SECURITY UPDATE: Overwriting path
- debian/patches/CVE-2023-25652_25815_29007/0022-*.patch: apply
--reject overwriting existing .rej symlink if it exists in apply.c,
t/t4115-apply-symlink.sh.
- CVE-2023-25652
* SECURITY UPDATE: Malicious placement of crafted messages
- debian/patches/CVE-2023-25652_25815_29007/0024-*patch:
avoid using gettext if the locale dir is not present in
gettext.c.
- CVE-2023-25815
* SECURITY UPDATE: Arbitrary configuration injection
- debian/patches/CVE-2023-25652_25815_29007/0025-*.patch: avoid
fixed-sized buffer when renaming/deleting a section in config.c,
t/t1300-config.sh.
- debian/patches/CVE-2023-25652_25815_29007/0026-*.patch: avoid
integer truncation in copy_or_rename_section_in_file() in config.c.
- debian/patches/CVE-2023-25652_25815_29007/0027-*.patch: disallow
overly-long lines in copy_or_rename_section_in_file in config.c.
- CVE-2023-29007
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 24 Apr 2023 14:29:14 -0300
Available diffs
git (1:2.17.1-1ubuntu0.17) bionic-security; urgency=medium
* SECURITY REGRESSION: Adding missing parts of CVE-2023-22490
local repository clone when .git/objects is a symlink
- debian/patches/CVE_2023_22490_and_23946/0001-dir-iterator-refactor*.patch
- debian/patches/CVE_2023_22490_and_23946/0005-dir-iterator-add-flags*.patch
(LP: #2008277).
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 27 Feb 2023 11:27:06 -0300
Available diffs
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
git (1:2.39.2-1ubuntu1) lunar; urgency=medium
* Merge from Debian Unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
| Superseded in lunar-proposed |
git (1:2.39.1-0.1ubuntu1) lunar; urgency=medium
* Merge from Debian Unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.34.1-1ubuntu1.8) jammy-security; urgency=medium
* SECURITY UPDATE: Overwritten path and using
local clone optimization even when using a non-local transport
- debian/patches/CVE_2023-22490_and_23946/0002-*.patch: adjust
a mismatch data type in attr.c.
- debian/patches/CVE_2023-22490_and_23946/0003-*.patch: demonstrate
clone_local() with ambiguous transport in
t/t5619-clone-local-ambiguous-transport.sh.
- debian/patches/CVE_2023-22490_and_23946/0004-*.patch: delay
picking a transport until after get_repo_path() in builtin/clone.c.
- debian/patches/CVE_2023-22490_and_23946/0005-*.patch: prevent top-level
symlinks without FOLLOW_SYMLINKS in dir-iterator, dir-iterator.h,
t/t0066-dir-iterator.sh, t/t5604-clone-reference.sh.
- debian/patches/CVE_2023-22490_and_23946/0006-*.patch: fix writing behind
newly created symbolic links in apply.c, t/t4115-apply-symlink.sh.
- CVE-2023-22490
- CVE-2023-23946
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 08 Feb 2023 10:57:45 -0300
Available diffs
git (1:2.37.2-1ubuntu1.4) kinetic-security; urgency=medium
* SECURITY UPDATE: Overwritten path and using
local clone optimization even when using a non-local transport
- debian/patches/CVE_2023-22490_and_23946/0002-*.patch: adjust
a mismatch data type in attr.c.
- debian/patches/CVE_2023-22490_and_23946/0003-*.patch: demonstrate
clone_local() with ambiguous transport in
t/t5619-clone-local-ambiguous-transport.sh.
- debian/patches/CVE_2023-22490_and_23946/0004-*.patch: delay
picking a transport until after get_repo_path() in builtin/clone.c.
- debian/patches/CVE_2023-22490_and_23946/0005-*.patch: prevent top-level
symlinks without FOLLOW_SYMLINKS in dir-iterator, dir-iterator.h,
t/t0066-dir-iterator.sh, t/t5604-clone-reference.sh.
- debian/patches/CVE_2023-22490_and_23946/0006-*.patch: fix writing behind
newly created symbolic links in apply.c, t/t4115-apply-symlink.sh.
- CVE-2023-22490
- CVE-2023-23946
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 08 Feb 2023 09:17:55 -0300
Available diffs
git (1:2.17.1-1ubuntu0.16) bionic-security; urgency=medium
* SECURITY UPDATE: Overwritten path and using
local clone optimization even when using a non-local transport
- debian/patches/CVE_2023-22490_and_23946/0002-*.patch: adjust
a mismatch data type in attr.c.
- debian/patches/CVE_2023-22490_and_23946/0003-*.patch: demonstrate
clone_local() with ambiguous transport in
t/t5619-clone-local-ambiguous-transport.sh.
- debian/patches/CVE_2023-22490_and_23946/0004-*.patch: delay
picking a transport until after get_repo_path() in builtin/clone.c.
- debian/patches/CVE_2023-22490_and_23946/0006-*.patch: fix writing behind
newly created symbolic links in apply.c, t/t4115-apply-symlink.sh.
- CVE-2023-22490
- CVE-2023-23946
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 08 Feb 2023 12:09:34 -0300
git (1:2.25.1-1ubuntu3.10) focal-security; urgency=medium
* SECURITY UPDATE: Overwritten path and using
local clone optimization even when using a non-local transport
- debian/patches/CVE_2023-22490_and_23946/0002-*.patch: adjust
a mismatch data type in attr.c.
- debian/patches/CVE_2023-22490_and_23946/0003-*.patch: demonstrate
clone_local() with ambiguous transport in
t/t5619-clone-local-ambiguous-transport.sh.
- debian/patches/CVE_2023-22490_and_23946/0004-*.patch: delay
picking a transport until after get_repo_path() in builtin/clone.c.
- debian/patches/CVE_2023-22490_and_23946/0005-*.patch: prevent top-level
symlinks without FOLLOW_SYMLINKS in dir-iterator, dir-iterator.h,
t/t0066-dir-iterator.sh, t/t5604-clone-reference.sh.
- debian/patches/CVE_2023-22490_and_23946/0006-*.patch: fix writing behind
newly created symbolic links in apply.c, t/t4115-apply-symlink.sh.
- CVE-2023-22490
- CVE-2023-23946
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 08 Feb 2023 11:21:13 -0300
Available diffs
git (1:2.17.1-1ubuntu0.15) bionic-security; urgency=medium
* SECURITY REGRESSION: Previous update was incomplete what could causes regressions
- debian/patches/CVE_2022_23521_and_41903/0012-*.patch: update patch with
missed parts (LP: #2003246).
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 19 Jan 2023 08:37:09 -0300
Available diffs
git (1:2.25.1-1ubuntu3.8) focal-security; urgency=medium
* SECURITY REGRESSION: Previous update was incomplete what could causes regressions
- debian/patches/CVE_2022_23521_and_41903/0012-*.patch: update patch with
missed parts (LP: #2003246).
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 19 Jan 2023 08:22:47 -0300
Available diffs
git (1:2.37.2-1ubuntu1.2) kinetic-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE_2022_23521_and_41903/00*.patch:
attr.c, attr.h, pretty.c, column.c, utf8.c, utf8.h,
t/t4205-log-pretty-formats.sh, t/test-lib.sh, git-compat-util.h,
t/t0003-attributes.sh.
- CVE-2022-23521
- CVE-2022-41903
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 11 Jan 2023 14:29:53 -0300
Available diffs
git (1:2.34.1-1ubuntu1.6) jammy-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE_2022_23521_and_41903/00*.patch:
attr.c, attr.h, pretty.c, column.c, utf8.c, utf8.h,
t/t4205-log-pretty-formats.sh, t/test-lib.sh, git-compat-util.h,
t/t0003-attributes.sh.
- CVE-2022-23521
- CVE-2022-41903
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 11 Jan 2023 15:12:27 -0300
Available diffs
git (1:2.25.1-1ubuntu3.7) focal-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE_2022_23521_and_41903/00*.patch:
attr.c, attr.h, pretty.c, column.c, utf8.c, utf8.h,
t/t4205-log-pretty-formats.sh, t/test-lib.sh, git-compat-util.h,
t/t0003-attributes.sh.
- CVE-2022-23521
- CVE-2022-41903
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 12 Jan 2023 09:56:29 -0300
Available diffs
git (1:2.17.1-1ubuntu0.14) bionic-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE_2022_23521_and_41903/00*.patch:
attr.c, attr.h, pretty.c, column.c, utf8.c, utf8.h,
t/t4205-log-pretty-formats.sh, t/test-lib.sh, git-compat-util.h,
t/t0003-attributes.sh.
- CVE-2022-23521
- CVE-2022-41903
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 12 Jan 2023 11:48:11 -0300
Available diffs
git (1:2.38.1-1ubuntu2) lunar; urgency=medium
* d/p/fix-cpuinfo-regexp.patch: fix cpuinfo regexp to accomodate the
way s390x shows it (LP: #1997475)
-- Andreas Hasenack <email address hidden> Tue, 22 Nov 2022 14:25:40 -0300
Available diffs
git (1:2.37.2-1ubuntu1.1) kinetic-security; urgency=medium
* SECURITY UPDATE: Unexpected behavior
- debian/patches/CVE-2022-39253-*.patch: disallow --local
clones with symlinks and additionally changed the
protocol.file.allow to be user by default in
builtin/clone.c, transport.c, and modified tests in
t/t5604-clone-reference.sh,
lib-submodule-update.sh, t/t1091-sparse-checkout-builtin.sh,
t/t1500-rev-parse.sh, t/t2400-worktree-add.sh,
t/t2403-worktree-move.sh, t/t2405-worktree-submodule.sh,
t/t3200-branch.sh, t/t3420-rebase-autostash.sh,
t/t3426-rebase-submodule.sh, t/t3512-cherry-pick-submodule.sh,
t/t3600-rm.sh, t/t3906-stash-submodule.sh,
t/t4059-diff-submodule-not-initialized.sh,
t/t4060-diff-submodule-option-diff-format.sh,
t/t4067-diff-partial-clone.sh,
t/t4208-log-magic-pathspec.sh, t/t5510-fetch.sh,
t/t5526-fetch-submodules.sh, t/t5545-push-options.sh,
t/t5572-pull-submodule.sh, t/t5601-clone.sh,
t/t5614-clone-submodules-shallow.sh, t/t5616-partial-clone.sh,
t/t5617-clone-submodules-remote.sh, t/t6008-rev-list-submodule.sh,
t/t6134-pathspec-in-submodule.sh,
t/t7001-mv.sh, t/t7064-wtstatus-pv2.sh,
t/t7300-clean.sh, t/t7400-submodule-basic.sh,
t/t7403-submodule-sync.sh, t/t7406-submodule-update.sh,
t/t7407-submodule-foreach.sh, t/t7408-submodule-reference.sh,
t/t7409-submodule-detached-work-tree.sh, t/t7411-submodule-config.sh,
t/t7413-submodule-is-active.sh, t/t7414-submodule-mistakes.sh,
t/t7415-submodule-names.sh, t/t7416-submodule-dash-url.sh,
t/t7417-submodule-path-url.sh, t/t7418-submodule-sparse-gitmodules.sh,
t/t7419-submodule-set-branch.sh, t/t7420-submodule-set-url.sh,
t/t7421-submodule-summary-add.sh, t/t7506-status-submodule.sh,
t/t7507-commit-verbose.sh, t/t7800-difftool.sh,
t/t7814-grep-recurse-submodules.sh, t/t9304-fast-import-marks.sh,
t/t9350-fast-export.sh, t/t1092-sparse-checkout-compatibility.sh,
t/t2080-parallel-checkout-basics.sh, t/t7450-bad-git-dotfiles.sh.
- CVE-2022-39253
* SECURITY UPDATE: Arbitrary heap writes
- debian/patches/CVE-2022-39260-*.patch: limit size of interactive
commands and reject too-long cmdline strings in split cmdline()
in shell.c, t/t9850-shell.sh, alias.c.
- CVE-2022-39260
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 14 Nov 2022 16:44:48 -0300
Available diffs
| Superseded in lunar-proposed |
git (1:2.38.1-1ubuntu1) lunar; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
- diff from 1:2.37.2-1ubuntu1 to 1:2.38.1-1ubuntu1 (731.0 KiB)
git (1:2.17.1-1ubuntu0.13) bionic-security; urgency=medium
* SECURITY UPDATE: Unexpected behavior
- debian/patches/CVE-2022-39253-*.patch: disallow --local
clones with symlinks and additionally changed the
protocol.file.allow to be user by default in
builtin/clone.c, transport.c, and modified tests in
t/t5604-clone-reference.sh,
lib-submodule-update.sh, t/t1091-sparse-checkout-builtin.sh,
t/t1500-rev-parse.sh, t/t2400-worktree-add.sh,
t/t2403-worktree-move.sh, t/t2405-worktree-submodule.sh,
t/t3200-branch.sh, t/t3420-rebase-autostash.sh,
t/t3426-rebase-submodule.sh, t/t3512-cherry-pick-submodule.sh,
t/t3600-rm.sh, t/t3906-stash-submodule.sh,
t/t4059-diff-submodule-not-initialized.sh,
t/t4060-diff-submodule-option-diff-format.sh,
t/t4067-diff-partial-clone.sh,
t/t4208-log-magic-pathspec.sh, t/t5510-fetch.sh,
t/t5526-fetch-submodules.sh, t/t5545-push-options.sh,
t/t5572-pull-submodule.sh, t/t5601-clone.sh,
t/t5614-clone-submodules-shallow.sh, t/t5616-partial-clone.sh,
t/t5617-clone-submodules-remote.sh, t/t6008-rev-list-submodule.sh,
t/t6134-pathspec-in-submodule.sh,
t/t7001-mv.sh, t/t7064-wtstatus-pv2.sh,
t/t7300-clean.sh, t/t7400-submodule-basic.sh,
t/t7403-submodule-sync.sh, t/t7406-submodule-update.sh,
t/t7407-submodule-foreach.sh, t/t7408-submodule-reference.sh,
t/t7409-submodule-detached-work-tree.sh, t/t7411-submodule-config.sh,
t/t7413-submodule-is-active.sh, t/t7414-submodule-mistakes.sh,
t/t7415-submodule-names.sh, t/t7416-submodule-dash-url.sh,
t/t7417-submodule-path-url.sh, t/t7418-submodule-sparse-gitmodules.sh,
t/t7419-submodule-set-branch.sh, t/t7420-submodule-set-url.sh,
t/t7421-submodule-summary-add.sh, t/t7506-status-submodule.sh,
t/t7507-commit-verbose.sh, t/t7800-difftool.sh,
t/t7814-grep-recurse-submodules.sh, t/t9304-fast-import-marks.sh,
t/t9350-fast-export.sh, t/t1092-sparse-checkout-compatibility.sh,
t/t2080-parallel-checkout-basics.sh, t/t7450-bad-git-dotfiles.sh.
- CVE-2022-39253
* SECURITY UPDATE: Arbitrary heap writes
- debian/patches/CVE-2022-39260-*.patch: limit size of interactive
commands and reject too-long cmdline strings in split cmdline()
in shell.c, t/t9850-shell.sh, alias.c.
- CVE-2022-39260
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 14 Oct 2022 11:15:33 -0300
Available diffs
git (1:2.25.1-1ubuntu3.6) focal-security; urgency=medium
* SECURITY UPDATE: Unexpected behavior
- debian/patches/CVE-2022-39253-*.patch: disallow --local
clones with symlinks and additionally changed the
protocol.file.allow to be user by default in
builtin/clone.c, transport.c, and modified tests in
t/t5604-clone-reference.sh,
lib-submodule-update.sh, t/t1091-sparse-checkout-builtin.sh,
t/t1500-rev-parse.sh, t/t2400-worktree-add.sh,
t/t2403-worktree-move.sh, t/t2405-worktree-submodule.sh,
t/t3200-branch.sh, t/t3420-rebase-autostash.sh,
t/t3426-rebase-submodule.sh, t/t3512-cherry-pick-submodule.sh,
t/t3600-rm.sh, t/t3906-stash-submodule.sh,
t/t4059-diff-submodule-not-initialized.sh,
t/t4060-diff-submodule-option-diff-format.sh,
t/t4067-diff-partial-clone.sh,
t/t4208-log-magic-pathspec.sh, t/t5510-fetch.sh,
t/t5526-fetch-submodules.sh, t/t5545-push-options.sh,
t/t5572-pull-submodule.sh, t/t5601-clone.sh,
t/t5614-clone-submodules-shallow.sh, t/t5616-partial-clone.sh,
t/t5617-clone-submodules-remote.sh, t/t6008-rev-list-submodule.sh,
t/t6134-pathspec-in-submodule.sh,
t/t7001-mv.sh, t/t7064-wtstatus-pv2.sh,
t/t7300-clean.sh, t/t7400-submodule-basic.sh,
t/t7403-submodule-sync.sh, t/t7406-submodule-update.sh,
t/t7407-submodule-foreach.sh, t/t7408-submodule-reference.sh,
t/t7409-submodule-detached-work-tree.sh, t/t7411-submodule-config.sh,
t/t7413-submodule-is-active.sh, t/t7414-submodule-mistakes.sh,
t/t7415-submodule-names.sh, t/t7416-submodule-dash-url.sh,
t/t7417-submodule-path-url.sh, t/t7418-submodule-sparse-gitmodules.sh,
t/t7419-submodule-set-branch.sh, t/t7420-submodule-set-url.sh,
t/t7421-submodule-summary-add.sh, t/t7506-status-submodule.sh,
t/t7507-commit-verbose.sh, t/t7800-difftool.sh,
t/t7814-grep-recurse-submodules.sh, t/t9304-fast-import-marks.sh,
t/t9350-fast-export.sh, t/t1092-sparse-checkout-compatibility.sh,
t/t2080-parallel-checkout-basics.sh, t/t7450-bad-git-dotfiles.sh.
- CVE-2022-39253
* SECURITY UPDATE: Arbitrary heap writes
- debian/patches/CVE-2022-39260-*.patch: limit size of interactive
commands and reject too-long cmdline strings in split cmdline()
in shell.c, t/t9850-shell.sh, alias.c.
- CVE-2022-39260
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 13 Oct 2022 13:36:40 -0300
Available diffs
git (1:2.34.1-1ubuntu1.5) jammy-security; urgency=medium
* SECURITY UPDATE: Unexpected behavior
- debian/patches/CVE-2022-39253-*.patch: disallow --local
clones with symlinks and additionally changed the
protocol.file.allow to be user by default in
builtin/clone.c, transport.c, and modified tests in
t/t5604-clone-reference.sh,
lib-submodule-update.sh, t/t1091-sparse-checkout-builtin.sh,
t/t1500-rev-parse.sh, t/t2400-worktree-add.sh,
t/t2403-worktree-move.sh, t/t2405-worktree-submodule.sh,
t/t3200-branch.sh, t/t3420-rebase-autostash.sh,
t/t3426-rebase-submodule.sh, t/t3512-cherry-pick-submodule.sh,
t/t3600-rm.sh, t/t3906-stash-submodule.sh,
t/t4059-diff-submodule-not-initialized.sh,
t/t4060-diff-submodule-option-diff-format.sh,
t/t4067-diff-partial-clone.sh,
t/t4208-log-magic-pathspec.sh, t/t5510-fetch.sh,
t/t5526-fetch-submodules.sh, t/t5545-push-options.sh,
t/t5572-pull-submodule.sh, t/t5601-clone.sh,
t/t5614-clone-submodules-shallow.sh, t/t5616-partial-clone.sh,
t/t5617-clone-submodules-remote.sh, t/t6008-rev-list-submodule.sh,
t/t6134-pathspec-in-submodule.sh,
t/t7001-mv.sh, t/t7064-wtstatus-pv2.sh,
t/t7300-clean.sh, t/t7400-submodule-basic.sh,
t/t7403-submodule-sync.sh, t/t7406-submodule-update.sh,
t/t7407-submodule-foreach.sh, t/t7408-submodule-reference.sh,
t/t7409-submodule-detached-work-tree.sh, t/t7411-submodule-config.sh,
t/t7413-submodule-is-active.sh, t/t7414-submodule-mistakes.sh,
t/t7415-submodule-names.sh, t/t7416-submodule-dash-url.sh,
t/t7417-submodule-path-url.sh, t/t7418-submodule-sparse-gitmodules.sh,
t/t7419-submodule-set-branch.sh, t/t7420-submodule-set-url.sh,
t/t7421-submodule-summary-add.sh, t/t7506-status-submodule.sh,
t/t7507-commit-verbose.sh, t/t7800-difftool.sh,
t/t7814-grep-recurse-submodules.sh, t/t9304-fast-import-marks.sh,
t/t9350-fast-export.sh, t/t1092-sparse-checkout-compatibility.sh,
t/t2080-parallel-checkout-basics.sh, t/t7450-bad-git-dotfiles.sh.
- CVE-2022-39253
* SECURITY UPDATE: Arbitrary heap writes
- debian/patches/CVE-2022-39260-*.patch: limit size of interactive
commands and reject too-long cmdline strings in split cmdline()
in shell.c, t/t9850-shell.sh, alias.c.
- CVE-2022-39260
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 13 Oct 2022 09:33:36 -0300
Available diffs
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
git (1:2.37.2-1ubuntu1) kinetic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
* Dropped changes, included upstream:
- debian/patches/CVE-2022-29187-1.patch: adds test to
regression git needs safe.directory when using sudo in
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-2.patch: avoid failing dir ownership
checks if running privileged in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-3.patch: add negative tests
and allow git init to mostly work under sudo in
t/lib-sudo.sh b/t/lib-sudo.sh.
- debian/patches/CVE-2022-29187-4.patch: allow root
to access both SUDO_UID and root owned in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-6.patch: tighten ownership checks
post CVE-2022-24765 in setup.c.
Available diffs
git (1:2.36.1-1ubuntu2) kinetic; urgency=medium
* SECURITY UPDATE: Potential arbitrary code execution
- debian/patches/CVE-2022-29187-1.patch: adds test to
regression git needs safe.directory when using sudo in
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-2.patch: avoid failing dir ownership
checks if running privileged in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-3.patch: add negative tests
and allow git init to mostly work under sudo in
t/lib-sudo.sh b/t/lib-sudo.sh.
- debian/patches/CVE-2022-29187-4.patch: allow root
to access both SUDO_UID and root owned in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-6.patch: tighten ownership checks
post CVE-2022-24765 in setup.c.
- CVE-2022-29187
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 14 Jul 2022 15:05:33 -0300
Available diffs
git (1:2.34.1-1ubuntu1.4) jammy-security; urgency=medium
* SECURITY UPDATE: Potential arbitrary code execution
- debian/patches/CVE-2022-29187-1.patch: adds test to
regression git needs safe.directory when using sudo in
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-2.patch: avoid failing dir ownership
checks if running privileged in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-3.patch: add negative tests
and allow git init to mostly work under sudo in
t/lib-sudo.sh b/t/lib-sudo.sh.
- debian/patches/CVE-2022-29187-4.patch: allow root
to access both SUDO_UID and root owned in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-5.patch: add tests for safe.directory
in t/t0033-safe-directory.sh, setup.c.
- debian/patches/CVE-2022-29187-6.patch: tighten ownership checks
post CVE-2022-24765 in setup.c.
- CVE-2022-29187
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Jul 2022 10:11:29 -0300
Available diffs
git (1:2.32.0-1ubuntu1.3) impish-security; urgency=medium
* SECURITY UPDATE: Potential arbitrary code execution
- debian/patches/CVE-2022-29187-1.patch: adds test to
regression git needs safe.directory when using sudo in
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-2.patch: avoid failing dir ownership
checks if running privileged in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-3.patch: add negative tests
and allow git init to mostly work under sudo in
t/lib-sudo.sh b/t/lib-sudo.sh.
- debian/patches/CVE-2022-29187-4.patch: allow root
to access both SUDO_UID and root owned in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-5.patch: add tests for safe.directory
in t/t0033-safe-directory.sh, setup.c.
- debian/patches/CVE-2022-29187-6.patch: tighten ownership checks
post CVE-2022-24765 in setup.c.
- CVE-2022-29187
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Jul 2022 11:17:07 -0300
Available diffs
git (1:2.25.1-1ubuntu3.5) focal-security; urgency=medium
* SECURITY UPDATE: Potential arbitrary code execution
- debian/patches/CVE-2022-29187-1.patch: adds test to
regression git needs safe.directory when using sudo in
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-2.patch: avoid failing dir ownership
checks if running privileged in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-3.patch: add negative tests
and allow git init to mostly work under sudo in
t/lib-sudo.sh b/t/lib-sudo.sh.
- debian/patches/CVE-2022-29187-4.patch: allow root
to access both SUDO_UID and root owned in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-5.patch: add tests for safe.directory
in t/t0033-safe-directory.sh, setup.c.
- debian/patches/CVE-2022-29187-6.patch: tighten ownership checks
post CVE-2022-24765 in setup.c.
- CVE-2022-29187
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Jul 2022 12:13:30 -0300
Available diffs
git (1:2.17.1-1ubuntu0.12) bionic-security; urgency=medium
* SECURITY UPDATE: Potential arbitrary code execution
- debian/patches/CVE-2022-29187-1.patch: adds test to
regression git needs safe.directory when using sudo in
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-2.patch: avoid failing dir ownership
checks if running privileged in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-3.patch: add negative tests
and allow git init to mostly work under sudo in
t/lib-sudo.sh b/t/lib-sudo.sh.
- debian/patches/CVE-2022-29187-4.patch: allow root
to access both SUDO_UID and root owned in git-compat-util.h,
t/t0034-root-safe-directory.sh.
- debian/patches/CVE-2022-29187-5.patch: add tests for safe.directory
in t/t0033-safe-directory.sh, setup.c.
- debian/patches/CVE-2022-29187-6.patch: tighten ownership checks
post CVE-2022-24765 in setup.c.
- CVE-2022-29187
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Jul 2022 12:47:55 -0300
Available diffs
git (1:2.36.1-1ubuntu1) kinetic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
| Superseded in kinetic-proposed |
git (1:2.34.1-1ubuntu1.3) kinetic; urgency=medium * Rebuild against new libicu71. -- Gianfranco Costamagna <email address hidden> Mon, 23 May 2022 12:07:45 +0200
Available diffs
git (1:2.32.0-1ubuntu1.2) impish-security; urgency=medium
* SECURITY REGRESSION: Previous update was incomplete causing regressions
and not correctly fixing the issue.
- debian/patches/CVE-2022-24765-5.patch: fix safe.directory
key not being checked in setup.c.
- debian/patches/CVE-2022-24765-6.patch:
opt-out of check with safe.directory=* in setup.c. (LP: #1970260)
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 25 Apr 2022 20:20:02 -0300
Available diffs
git (1:2.34.1-1ubuntu1.2) jammy; urgency=medium
* SECURITY REGRESSION: Previous update was incomplete causing regressions
and not correctly fixing the issue.
- debian/patches/CVE-2022-24765-5.patch: fix safe.directory
key not being checked in setup.c.
- debian/patches/CVE-2022-24765-6.patch:
opt-out of check with safe.directory=* in setup.c. (LP: #1970260)
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 25 Apr 2022 20:14:03 -0300
Available diffs
git (1:2.17.1-1ubuntu0.11) bionic-security; urgency=medium
* SECURITY REGRESSION: Previous update was incomplete causing regressions
and not correctly fixing the issue.
- debian/patches/CVE-2022-24765-5.patch: fix safe.directory
key not being checked in setup.c.
- debian/patches/CVE-2022-24765-6.patch:
opt-out of check with safe.directory=* in setup.c. (LP: #1970260)
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 25 Apr 2022 20:28:52 -0300
Available diffs
git (1:2.25.1-1ubuntu3.4) focal-security; urgency=medium
* SECURITY REGRESSION: Previous update was incomplete causing regressions
and not correctly fixing the issue.
- debian/patches/CVE-2022-24765-5.patch: fix safe.directory
key not being checked in setup.c.
- debian/patches/CVE-2022-24765-6.patch:
opt-out of check with safe.directory=* in setup.c. (LP: #1970260)
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 25 Apr 2022 20:21:34 -0300
Available diffs
| Superseded in kinetic-proposed |
| Superseded in kinetic-proposed |
| Superseded in jammy-updates |
| Superseded in jammy-security |
git (1:2.34.1-1ubuntu1.1) jammy-security; urgency=medium
* SECURITY UPDATE: Run commands in diff users
- debian/patches/CVE-2022-24765-*.patch: fix GIT_CEILING_DIRECTORIES; add
an owner check for the top-level-directory; add a function to
determine whether a path is owned by the current user in patch.c,
t/t0060-path-utils.sh, setup.c, compat/mingw.c, compat/mingw.h,
git-compat-util.h.
- CVE-2022-24765
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 08 Apr 2022 08:43:25 -0300
Available diffs
git (1:2.17.1-1ubuntu0.10) bionic-security; urgency=medium
* SECURITY UPDATE: Run commands in diff users
- debian/patches/CVE-2022-24765-*.patch: fix GIT_CEILING_DIRECTORIES; add
an owner check for the top-level-directory; add a function to
determine whether a path is owned by the current user in patch.c,
t/t0060-path-utils.sh, setup.c, compat/mingw.c, compat/mingw.h,
git-compat-util.hi, config.c, config.h.
- CVE-2022-24765
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 08 Apr 2022 10:49:20 -0300
Available diffs
git (1:2.25.1-1ubuntu3.3) focal-security; urgency=medium
* SECURITY UPDATE: Run commands in diff users
- debian/patches/CVE-2022-24765-*.patch: fix GIT_CEILING_DIRECTORIES; add
an owner check for the top-level-directory; add a function to
determine whether a path is owned by the current user in patch.c,
t/t0060-path-utils.sh, setup.c, compat/mingw.c, compat/mingw.h,
git-compat-util.h.
- CVE-2022-24765
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 08 Apr 2022 09:57:16 -0300
Available diffs
git (1:2.32.0-1ubuntu1.1) impish-security; urgency=medium
* SECURITY UPDATE: Run commands in diff users
- debian/patches/CVE-2022-24765-*.patch: fix GIT_CEILING_DIRECTORIES; add
an owner check for the top-level-directory; add a function to
determine whether a path is owned by the current user in patch.c,
t/t0060-path-utils.sh, setup.c, compat/mingw.c, compat/mingw.h,
git-compat-util.h.
- CVE-2022-24765
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 08 Apr 2022 09:38:33 -0300
Available diffs
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
git (1:2.34.1-1ubuntu1) jammy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.33.1-1ubuntu1) jammy; urgency=low
[ Ubuntu Merge-o-Matic ]
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.25.1-1ubuntu3.2) focal-security; urgency=medium
* SECURITY UPDATE: cross-protocol request via newline character in repo path
- debian/patches/CVE-2021-40330.patch: forbid newline in git:// hosts and
repo paths
- CVE-2021-40330
-- Spyros Seimenis <email address hidden> Thu, 09 Sep 2021 14:42:33 +0300
Available diffs
git (1:2.17.1-1ubuntu0.9) bionic-security; urgency=medium
* SECURITY UPDATE: cross-protocol request via newline character in repo path
- debian/patches/CVE-2021-40330.patch: forbid newline in git:// hosts and
repo paths
- CVE-2021-40330
-- Spyros Seimenis <email address hidden> Thu, 09 Sep 2021 18:03:10 +0300
Available diffs
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
git (1:2.32.0-1ubuntu1) impish; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.31.1-1ubuntu1) impish; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: Moved to hirsute) |
git (1:2.30.2-1ubuntu1) hirsute; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.25.1-1ubuntu3.1) focal-security; urgency=medium
* SECURITY UPDATE: remote code exec during clone on case-insensitive FS
- debian/patches/CVE-2021-21300.patch: fix bug that makes checkout
follow symlinks in leading path in cache.h, compat/mingw.c,
git-compat-util.h, run-command.c, symlinks.c, t/t0021-conversion.sh,
t/t0021/rot13-filter.pl, t/t2006-checkout-index-basic.sh,
unpack-trees.c.
- CVE-2021-21300
-- Marc Deslauriers <email address hidden> Thu, 04 Mar 2021 08:01:28 -0500
Available diffs
git (1:2.17.1-1ubuntu0.8) bionic-security; urgency=medium
* SECURITY UPDATE: remote code exec during clone on case-insensitive FS
- debian/patches/CVE-2021-21300.patch: fix bug that makes checkout
follow symlinks in leading path in cache.h, compat/mingw.c,
git-compat-util.h, run-command.c, symlinks.c, t/t0021-conversion.sh,
t/t0021/rot13-filter.pl, t/t2006-checkout-index-basic.sh,
unpack-trees.c.
- CVE-2021-21300
-- Marc Deslauriers <email address hidden> Thu, 04 Mar 2021 08:02:54 -0500
Available diffs
git (1:2.27.0-1ubuntu1.1) groovy-security; urgency=medium
* SECURITY UPDATE: remote code exec during clone on case-insensitive FS
- debian/patches/CVE-2021-21300.patch: fix bug that makes checkout
follow symlinks in leading path in cache.h, compat/mingw.c,
git-compat-util.h, run-command.c, symlinks.c, t/t0021-conversion.sh,
t/t0021/rot13-filter.pl, t/t2006-checkout-index-basic.sh,
unpack-trees.c.
- CVE-2021-21300
-- Marc Deslauriers <email address hidden> Thu, 04 Mar 2021 07:55:16 -0500
Available diffs
git (1:2.7.4-0ubuntu1.10) xenial-security; urgency=medium
* SECURITY UPDATE: remote code exec during clone on case-insensitive FS
- debian/patches/CVE-2021-21300.patch: fix bug that makes checkout
follow symlinks in leading path in cache.h, compat/mingw.c,
git-compat-util.h, run-command.c, symlinks.c, t/t0021-conversion.sh,
t/t2006-checkout-index-basic.sh, unpack-trees.c.
- CVE-2021-21300
-- Marc Deslauriers <email address hidden> Thu, 04 Mar 2021 08:04:31 -0500
Available diffs
git (1:2.30.1-1ubuntu1) hirsute; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.30.0-1ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.29.2-1ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.28.0-1ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
- diff from 1:2.27.0-1ubuntu1 to 1:2.28.0-1ubuntu1 (677.2 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
git (1:2.27.0-1ubuntu1) groovy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
Available diffs
git (1:2.27.0~rc0-1ubuntu1) groovy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
* Drop security update patches, included upstream.
Available diffs
git (1:2.7.4-0ubuntu1.9) xenial-security; urgency=medium
* SECURITY UPDATE: credential helper issue with missing host or scheme
- debian/patches/CVE-2020-11008-1.patch: make "quit" helper more
realistic in t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-2.patch: use more realistic inputs in
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-3.patch: parse URL without host as
empty host, not unset in credential.c, http.c,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-4.patch: refuse to operate when missing
host or protocol in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-5.patch: convert gitmodules url to URL
passed to curl in fsck.c, t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-6.patch: die() when parsing invalid
urls in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-7.patch: treat URL without scheme as
invalid in credential.c, fsck.c, t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-8.patch: treat URL with empty scheme as
invalid in credential.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-9.patch: reject URL with empty host in
.gitmodules in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-11008
-- Marc Deslauriers <email address hidden> Mon, 20 Apr 2020 12:24:43 -0400
Available diffs
git (1:2.17.1-1ubuntu0.7) bionic-security; urgency=medium
* SECURITY UPDATE: credential helper issue with missing host or scheme
- debian/patches/CVE-2020-11008-1.patch: make "quit" helper more
realistic in t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-2.patch: use more realistic inputs in
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-3.patch: parse URL without host as
empty host, not unset in credential.c, http.c,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-4.patch: refuse to operate when missing
host or protocol in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-5.patch: convert gitmodules url to URL
passed to curl in fsck.c, t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-6.patch: die() when parsing invalid
urls in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-7.patch: treat URL without scheme as
invalid in credential.c, fsck.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-8.patch: treat URL with empty scheme as
invalid in credential.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-9.patch: reject URL with empty host in
.gitmodules in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-11008
-- Marc Deslauriers <email address hidden> Mon, 20 Apr 2020 12:20:37 -0400
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
git (1:2.25.1-1ubuntu3) focal; urgency=medium
* SECURITY UPDATE: credential helper issue with missing host or scheme
- debian/patches/CVE-2020-11008-1.patch: make "quit" helper more
realistic in t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-2.patch: use more realistic inputs in
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-3.patch: parse URL without host as
empty host, not unset in credential.c, http.c,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-4.patch: refuse to operate when missing
host or protocol in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-5.patch: convert gitmodules url to URL
passed to curl in fsck.c, t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-6.patch: die() when parsing invalid
urls in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-7.patch: treat URL without scheme as
invalid in credential.c, fsck.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-8.patch: treat URL with empty scheme as
invalid in credential.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-9.patch: reject URL with empty host in
.gitmodules in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-11008
-- Marc Deslauriers <email address hidden> Mon, 20 Apr 2020 11:50:03 -0400
Available diffs
git (1:2.20.1-2ubuntu1.19.10.3) eoan-security; urgency=medium
* SECURITY UPDATE: credential helper issue with missing host or scheme
- debian/patches/CVE-2020-11008-1.patch: make "quit" helper more
realistic in t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-2.patch: use more realistic inputs in
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-3.patch: parse URL without host as
empty host, not unset in credential.c, http.c,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-4.patch: refuse to operate when missing
host or protocol in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-5.patch: convert gitmodules url to URL
passed to curl in fsck.c, t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-6.patch: die() when parsing invalid
urls in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-7.patch: treat URL without scheme as
invalid in credential.c, fsck.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-8.patch: treat URL with empty scheme as
invalid in credential.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-9.patch: reject URL with empty host in
.gitmodules in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-11008
-- Marc Deslauriers <email address hidden> Mon, 20 Apr 2020 12:18:11 -0400
git (1:2.25.1-1ubuntu2) focal; urgency=medium
* SECURITY UPDATE: credential helper issue with newlines in URL
- debian/patches/CVE-2020-5260-1.patch: avoid writing values with
newlines in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-2.patch: use test_i18ncmp to check
stderr in t/lib-credential.sh.
- debian/patches/CVE-2020-5260-3.patch: detect unrepresentable values
when parsing urls in credential.c, credential.h,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-4.patch: detect gitmodules URLs with
embedded newlines in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-5260
-- Marc Deslauriers <email address hidden> Tue, 14 Apr 2020 08:31:47 -0400
Available diffs
git (1:2.7.4-0ubuntu1.8) xenial-security; urgency=medium
* SECURITY UPDATE: credential helper issue with newlines in URL
- debian/patches/CVE-2020-5260-1.patch: avoid writing values with
newlines in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-2.patch: use test_i18ncmp to check
stderr in t/lib-credential.sh.
- debian/patches/CVE-2020-5260-3.patch: detect unrepresentable values
when parsing urls in credential.c, credential.h,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-4.patch: detect gitmodules URLs with
embedded newlines in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-5260
-- Marc Deslauriers <email address hidden> Fri, 10 Apr 2020 12:37:56 -0400
Available diffs
git (1:2.20.1-2ubuntu1.19.10.2) eoan-security; urgency=medium
* SECURITY UPDATE: credential helper issue with newlines in URL
- debian/patches/CVE-2020-5260-1.patch: avoid writing values with
newlines in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-2.patch: use test_i18ncmp to check
stderr in t/lib-credential.sh.
- debian/patches/CVE-2020-5260-3.patch: detect unrepresentable values
when parsing urls in credential.c, credential.h,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-4.patch: detect gitmodules URLs with
embedded newlines in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-5260
-- Marc Deslauriers <email address hidden> Fri, 10 Apr 2020 11:53:25 -0400
Available diffs
git (1:2.17.1-1ubuntu0.6) bionic-security; urgency=medium
* SECURITY UPDATE: credential helper issue with newlines in URL
- debian/patches/CVE-2020-5260-1.patch: avoid writing values with
newlines in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-2.patch: use test_i18ncmp to check
stderr in t/lib-credential.sh.
- debian/patches/CVE-2020-5260-3.patch: detect unrepresentable values
when parsing urls in credential.c, credential.h,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-4.patch: detect gitmodules URLs with
embedded newlines in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-5260
-- Marc Deslauriers <email address hidden> Fri, 10 Apr 2020 11:59:06 -0400
Available diffs
| 1 → 75 of 216 results | First • Previous • Next • Last |
