Format: 1.8 Date: Fri, 01 Jun 2018 23:44:15 -0700 Source: git Binary: git git-man git-core git-doc git-arch git-cvs git-svn git-mediawiki git-email git-daemon-run git-daemon-sysvinit git-gui gitk git-el gitweb git-all Architecture: powerpc powerpc_translations Version: 1:2.7.4-0ubuntu1.4 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Steve Beattie Description: git - fast, scalable, distributed revision control system git-all - fast, scalable, distributed revision control system (all subpacka git-arch - fast, scalable, distributed revision control system (arch interop git-core - fast, scalable, distributed revision control system (obsolete) git-cvs - fast, scalable, distributed revision control system (cvs interope git-daemon-run - fast, scalable, distributed revision control system (git-daemon s git-daemon-sysvinit - fast, scalable, distributed revision control system (git-daemon s git-doc - fast, scalable, distributed revision control system (documentatio git-el - fast, scalable, distributed revision control system (emacs suppor git-email - fast, scalable, distributed revision control system (email add-on git-gui - fast, scalable, distributed revision control system (GUI) git-man - fast, scalable, distributed revision control system (manual pages git-mediawiki - fast, scalable, distributed revision control system (MediaWiki in git-svn - fast, scalable, distributed revision control system (svn interope gitk - fast, scalable, distributed revision control system (revision tre gitweb - fast, scalable, distributed revision control system (web interfac Launchpad-Bugs-Fixed: 1774061 Changes: git (1:2.7.4-0ubuntu1.4) xenial-security; urgency=medium . * SECURITY UPDATE: arbitrary code execution via submodule names in .gitsubmodules. - 0014-fsck-simplify-.git-check.patch - 0015-fsck-actually-fsck-blob-data.patch - 0016-fsck-detect-gitmodules-files.patch - 0017-fsck-check-.gitmodules-content.patch - 0018-fsck-call-fsck_finish-after-fscking-objects.patch - 0019-unpack-objects-call-fsck_finish-after-fscking-object.patch - 0020-index-pack-check-.gitmodules-files-with-strict.patch - CVE-2018-11235 (LP: #1774061) * SECURITY UPDATE: out-of-bounds memory access when sanity-checking pathnames on NTFS - 0002-is_ntfs_dotgit-use-a-size_t-for-traversing-string.patch - CVE-2018-11233 * Do not allow .gitmodules to be a symlink: - 0003-is_hfs_dotgit-match-other-.git-files.patch - 0004-is_ntfs_dotgit-match-other-.git-files.patch - 0005-is_-hfs-ntfs-_dotgitmodules-add-tests.patch - 0006-skip_prefix-add-case-insensitive-variant.patch - 0007-verify_path-drop-clever-fallthrough.patch - 0008-verify_dotfile-mention-case-insensitivity-in-comment.patch - 0009-update-index-stat-updated-files-earlier.patch - 0010-verify_path-disallow-symlinks-in-.gitmodules.patch - 0011-sha1_file-add-read_loose_object-function.patch - 0012-fsck-parse-loose-object-paths-directly.patch - 0013-index-pack-make-fsck-error-message-more-specific.patch - 0021-fsck-complain-when-.gitmodules-is-a-symlink.patch * debian/rules: ensure added tests are executable. Checksums-Sha1: 4fc0e1025a025929a75f1978bc22da5f02656998 2530020 git_2.7.4-0ubuntu1.4_powerpc.deb 1661ca581c2f2da5771942940bc16f65c6ac7db6 2175038 git_2.7.4-0ubuntu1.4_powerpc_translations.tar.gz Checksums-Sha256: 0ce146503e3b78b1fd051ba697ac0d8abfd2a21c8a288f9ea9db61b12081b926 2530020 git_2.7.4-0ubuntu1.4_powerpc.deb 0d32111a41a5a5edbe98d1f0eef6bf3f83abd0da35fd8e1377a1d8eaa20d88e3 2175038 git_2.7.4-0ubuntu1.4_powerpc_translations.tar.gz Files: 03f287681e2182f7805c3a8a7da461be 2530020 vcs optional git_2.7.4-0ubuntu1.4_powerpc.deb c6d3839062148a8ab2560b2186ccd9fd 2175038 raw-translations - git_2.7.4-0ubuntu1.4_powerpc_translations.tar.gz Original-Maintainer: Gerrit Pape