git 1:2.26.1-1 source package in Debian
Changelog
git (1:2.26.1-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.26.1.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
-- Jonathan Nieder <email address hidden> Tue, 14 Apr 2020 10:29:38 -0700
Upload details
- Uploaded by:
- Jonathan Nieder
- Uploaded to:
- Sid
- Original maintainer:
- Jonathan Nieder
- Architectures:
- any all
- Section:
- vcs
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| git_2.26.1-1.dsc | 2.8 KiB | 15f08a650808a188e996302aabc9668d906498919b02508110f6343e581a0d7e |
| git_2.26.1.orig.tar.xz | 5.7 MiB | 888228408f254634330234df3cece734d190ef6381063821f31ec020538f0368 |
| git_2.26.1-1.debian.tar.xz | 631.0 KiB | 986608f95e65f719a429ada5954f6fa6ca90d8243f6dbdefeade2d8411033d3d |
No changes file available.
