git 1:2.37.2-1ubuntu1.1 source package in Ubuntu
Changelog
git (1:2.37.2-1ubuntu1.1) kinetic-security; urgency=medium
* SECURITY UPDATE: Unexpected behavior
- debian/patches/CVE-2022-39253-*.patch: disallow --local
clones with symlinks and additionally changed the
protocol.file.allow to be user by default in
builtin/clone.c, transport.c, and modified tests in
t/t5604-clone-reference.sh,
lib-submodule-update.sh, t/t1091-sparse-checkout-builtin.sh,
t/t1500-rev-parse.sh, t/t2400-worktree-add.sh,
t/t2403-worktree-move.sh, t/t2405-worktree-submodule.sh,
t/t3200-branch.sh, t/t3420-rebase-autostash.sh,
t/t3426-rebase-submodule.sh, t/t3512-cherry-pick-submodule.sh,
t/t3600-rm.sh, t/t3906-stash-submodule.sh,
t/t4059-diff-submodule-not-initialized.sh,
t/t4060-diff-submodule-option-diff-format.sh,
t/t4067-diff-partial-clone.sh,
t/t4208-log-magic-pathspec.sh, t/t5510-fetch.sh,
t/t5526-fetch-submodules.sh, t/t5545-push-options.sh,
t/t5572-pull-submodule.sh, t/t5601-clone.sh,
t/t5614-clone-submodules-shallow.sh, t/t5616-partial-clone.sh,
t/t5617-clone-submodules-remote.sh, t/t6008-rev-list-submodule.sh,
t/t6134-pathspec-in-submodule.sh,
t/t7001-mv.sh, t/t7064-wtstatus-pv2.sh,
t/t7300-clean.sh, t/t7400-submodule-basic.sh,
t/t7403-submodule-sync.sh, t/t7406-submodule-update.sh,
t/t7407-submodule-foreach.sh, t/t7408-submodule-reference.sh,
t/t7409-submodule-detached-work-tree.sh, t/t7411-submodule-config.sh,
t/t7413-submodule-is-active.sh, t/t7414-submodule-mistakes.sh,
t/t7415-submodule-names.sh, t/t7416-submodule-dash-url.sh,
t/t7417-submodule-path-url.sh, t/t7418-submodule-sparse-gitmodules.sh,
t/t7419-submodule-set-branch.sh, t/t7420-submodule-set-url.sh,
t/t7421-submodule-summary-add.sh, t/t7506-status-submodule.sh,
t/t7507-commit-verbose.sh, t/t7800-difftool.sh,
t/t7814-grep-recurse-submodules.sh, t/t9304-fast-import-marks.sh,
t/t9350-fast-export.sh, t/t1092-sparse-checkout-compatibility.sh,
t/t2080-parallel-checkout-basics.sh, t/t7450-bad-git-dotfiles.sh.
- CVE-2022-39253
* SECURITY UPDATE: Arbitrary heap writes
- debian/patches/CVE-2022-39260-*.patch: limit size of interactive
commands and reject too-long cmdline strings in split cmdline()
in shell.c, t/t9850-shell.sh, alias.c.
- CVE-2022-39260
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 14 Nov 2022 16:44:48 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Kinetic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- vcs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| git_2.37.2.orig.tar.xz | 6.7 MiB | 1c3d9c821c4538e7a6dac30a4af8bd8dcfe4f651f95474c526b52f83406db003 |
| git_2.37.2-1ubuntu1.1.debian.tar.xz | 723.9 KiB | 704acb5895c5245140e147a3267214f57fc844868bdfce659e821c49ca2cea14 |
| git_2.37.2-1ubuntu1.1.dsc | 2.9 KiB | da530dd9d2acf8130c2701ccb29bd85988ae14d71c2407131e2596866c0cba99 |
Available diffs
Binary packages built by this source
- git: No summary available for git in ubuntu kinetic.
No description available for git in ubuntu kinetic.
- git-all: No summary available for git-all in ubuntu kinetic.
No description available for git-all in ubuntu kinetic.
- git-cvs: No summary available for git-cvs in ubuntu kinetic.
No description available for git-cvs in ubuntu kinetic.
- git-daemon-run: No summary available for git-daemon-run in ubuntu kinetic.
No description available for git-daemon-run in ubuntu kinetic.
- git-daemon-sysvinit: No summary available for git-daemon-sysvinit in ubuntu kinetic.
No description available for git-daemon-sysvinit in ubuntu kinetic.
- git-dbgsym: No summary available for git-dbgsym in ubuntu kinetic.
No description available for git-dbgsym in ubuntu kinetic.
- git-doc: No summary available for git-doc in ubuntu kinetic.
No description available for git-doc in ubuntu kinetic.
- git-email: No summary available for git-email in ubuntu kinetic.
No description available for git-email in ubuntu kinetic.
- git-gui: No summary available for git-gui in ubuntu kinetic.
No description available for git-gui in ubuntu kinetic.
- git-man: No summary available for git-man in ubuntu kinetic.
No description available for git-man in ubuntu kinetic.
- git-mediawiki: No summary available for git-mediawiki in ubuntu kinetic.
No description available for git-mediawiki in ubuntu kinetic.
- git-svn: No summary available for git-svn in ubuntu kinetic.
No description available for git-svn in ubuntu kinetic.
- gitk: No summary available for gitk in ubuntu kinetic.
No description available for gitk in ubuntu kinetic.
- gitweb: No summary available for gitweb in ubuntu kinetic.
No description available for gitweb in ubuntu kinetic.
