Ubuntu
git package

git 1:1.9.1-1ubuntu0.8 source package in Ubuntu

Changelog

git (1:1.9.1-1ubuntu0.8) trusty-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via
    submodule names in .gitsubmodules.
    - 0005-submodule-config-verify-submodule-names-as-paths.patch
    - 0018-fsck-simplify-.git-check.patch
    - 0020-fsck-actually-fsck-blob-data.patch
    - 0025-fsck-detect-gitmodules-files.patch
    - 0026-fsck-check-.gitmodules-content.patch
    - 0027-fsck-call-fsck_finish-after-fscking-objects.patch
    - 0028-unpack-objects-call-fsck_finish-after-fscking-objects.patch
    - 0029-index-pack-check-.gitmodules-files-with-strict.patch
    - CVE-2018-11235 (LP: #1774061)
  * SECURITY UPDATE: out-of-bounds memory access when sanity-checking
    pathnames on NTFS
    - 0006-is_ntfs_dotgit-use-a-size_t-for-traversing-string.patch
    - CVE-2018-11233
  * Do not allow .gitmodules to be a symlink:
  * debian/rules: ensure added tests are executable.
    - 0001-apply-reject-input-that-touches-outside-the-working-a.patch
    - 0002-apply-do-not-read-from-the-filesystem-under-index.patch
    - 0003-apply-do-not-read-from-beyond-a-symbolic-link.patch
    - 0004-apply-do-not-touch-a-file-beyond-a-symbolic-link.patch
    - 0007-is_hfs_dotgit-match-other-.git-files.patch
    - 0008-is_ntfs_dotgit-match-other-.git-files.patch
    - 0009-skip_prefix-add-case-insensitive-variant.patch
    - 0010-verify_path-drop-clever-fallthrough.patch
    - 0011-verify_dotfile-mention-case-insensitivity-in-comment.patch
    - 0012-update-index-stat-updated-files-earlier.patch
    - 0013-verify_path-disallow-symlinks-in-.gitmodules.patch
    - 0014-sha1_file-add-read_loose_object-function.patch
    - 0015-fsck-drop-inode-sorting-code.patch
    - 0016-fsck-parse-loose-object-paths-directly.patch
    - 0017-index-pack-make-fsck-error-message-more-specific.patch
    - 0019-fsck_object-allow-passing-object-data-separately-from.patch
    - 0021-add-a-hashtable-implementation-that-supports-O-1-rem.patch
    - 0022-hashmap.h-use-unsigned-int-for-hash-codes-everywhere.patch
    - 0023-hashmap-factor-out-getting-a-hash-code-from-a-SHA1.patch
    - 0024-hashmap-add-simplified-hashmap_get_from_hash-API.patch
    - 0030-fsck-complain-when-.gitmodules-is-a-symlink.patch
  * move patches from debian/diff to quilt debian/patch/, to avoid
    conflicts and overlooking already added patches
  * Thanks to Jonathan Nieder <email address hidden> of Debian for
    backporting to 2.1.x.

 -- Steve Beattie <email address hidden>  Mon, 04 Jun 2018 10:56:07 -0700

Upload details

Uploaded by:
Steve Beattie
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
vcs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
git_1.9.1.orig.tar.xz 3.2 MiB f962fbce8c049f94ece1d1845cba1528c13ff82de7cc8d23cddb3d0c93c3a77b
git_1.9.1-1ubuntu0.8.debian.tar.gz 666.1 KiB 32e0d02732ff5436b175b6e3f833462d85ee8c51c2431b4c385a81e90659a5b2
git_1.9.1-1ubuntu0.8.dsc 2.7 KiB 1b79a1ced2022c3e37302afa9f3615b81b00007f87b37278e8c7b3e1a3fbd331

View changes file

Binary packages built by this source

git: fast, scalable, distributed revision control system

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git main components with minimal dependencies.
 Additional functionality, e.g. a graphical user interface and revision
 tree visualizer, tools for interoperating with other VCS's, or a web
 interface, is provided as separate git* packages.

git-all: fast, scalable, distributed revision control system (all subpackages)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This is a dummy package which brings in all subpackages.

git-arch: fast, scalable, distributed revision control system (arch interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides tools for importing development history from arch
 repositories.

git-bzr: fast, scalable, distributed revision control system (bzr interoperability)

 Git is a popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the bzr remote helper, which allows Git to
 read from and write to Bazaar repositories as though they were remote
 Git repositories.

git-core: fast, scalable, distributed revision control system (obsolete)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This is a transitional dummy package. The 'git-core' package has been
 renamed to 'git', which has been installed automatically. This
 git-core package is now obsolete, and can safely be removed from the
 system if no other package depends on it.

git-cvs: fast, scalable, distributed revision control system (cvs interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git cvsimport, cvsexportcommit, and cvsserver
 tools, which allow Git to read from and write to CVS repositories and
 offer access over CVS protocol to Git repositories.
 .
 The git cvsimport tool can incrementally import from a repository that
 is being actively developed and only requires remote access over CVS
 protocol. Unfortunately, in many situations the import leads to
 incorrect results. For reliable, one-shot imports, cvs2git from the
 cvs2svn package or parsecvs may be a better fit.

git-daemon-run: fast, scalable, distributed revision control system (git-daemon service)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 git-daemon, as provided by the git package, is a simple server for git
 repositories, ideally suited for read-only updates, i.e. pulling from git
 repositories through the network. This package provides a runit service
 for running git-daemon permanently.

git-daemon-sysvinit: fast, scalable, distributed revision control system (git-daemon service)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 git-daemon, as provided by the git package, is a simple server for git
 repositories, ideally suited for read-only updates, i.e. pulling from git
 repositories through the network. This package provides a sysvinit service
 for running git-daemon permanently.

git-doc: fast, scalable, distributed revision control system (documentation)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the documentation.

git-el: fast, scalable, distributed revision control system (emacs support)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides two modules for integration with Emacs:
 .
  * git.el:
 .
    Status manager that displays the state of all the files of the
    project and provides easy access to the most frequently used git
    commands. The user interface is intended to be similar to the
    pcl-cvs mode. It can be started with `M-x git-status'.
 .
  * git-blame.el:
 .
    Emacs implementation of incremental "git blame". When you turn it
    on while viewing a file, the editor buffer will be updated by
    setting the background of individual lines to a color that reflects
    which commit it comes from.
 .
 This package does not contain the VC-mode backend for git. That is
 part of standard Emacs distributions, starting with version 22.2.
 .
 For a more polished Emacs interface for Git, see the magit package.

git-email: fast, scalable, distributed revision control system (email add-on)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git-send-email program for sending series of
 patch emails.

git-gui: fast, scalable, distributed revision control system (GUI)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git graphical user interface.
 .
 If aspell is installed, it can check the spelling of commit messages
 as the user types.

git-man: fast, scalable, distributed revision control system (manual pages)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides reference documentation for use by the 'man'
 utility and the 'git help' command.

git-mediawiki: fast, scalable, distributed revision control system (MediaWiki interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the mediawiki remote helper, which allows Git to
 read from and write to a wiki such as Wikipedia as though it were a
 remote Git repository, and a 'git mw' command that can show a preview
 of how wiki markup will be rendered before pushing.

git-svn: fast, scalable, distributed revision control system (svn interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides tools for interoperating with Subversion repositories,
 and importing SVN development history.

gitk: fast, scalable, distributed revision control system (revision tree visualizer)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the gitk program, a tcl/tk revision tree visualizer.

gitweb: fast, scalable, distributed revision control system (web interface)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package configures a web interface for browsing git repositories.
 .
 If apache2 is installed, the web interface is automatically made
 available at http://localhost/gitweb. Other servers that support CGI
 or mod_perl are supported through manual configuration.
 .
 If libcgi-fast-perl is installed, gitweb can also be run over FastCGI
 (and served by nginx, for example).