diff --git a/CVE-2024-24577.patch b/CVE-2024-24577.patch new file mode 100644 index 0000000..ea3ff2b --- /dev/null +++ b/CVE-2024-24577.patch @@ -0,0 +1,20 @@ +Index: b/read-cache.c +=================================================================== +--- a/read-cache.c ++++ b/read-cache.c +@@ -1158,10 +1158,13 @@ static int has_dir_name(struct index_sta + size_t len; + + for (;;) { +- if (*--slash == '/') +- break; ++ slash--; ++ + if (slash <= ce->name) + return retval; ++ ++ if (*slash == '/') ++ break; + } + len = slash - name; + diff --git a/git-2.45.1.tar.sign b/git-2.45.1.tar.sign deleted file mode 100644 index efdb7d4..0000000 Binary files a/git-2.45.1.tar.sign and /dev/null differ diff --git a/git-2.45.1.tar.xz b/git-2.45.1.tar.xz deleted file mode 100644 index 7596e5b..0000000 --- a/git-2.45.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e64d340a8e627ae22cfb8bcc651cca0b497cf1e9fdf523735544ff4a732f12bf -size 7490268 diff --git a/git-2.46.0.tar.sign b/git-2.46.0.tar.sign new file mode 100644 index 0000000..297e5db Binary files /dev/null and b/git-2.46.0.tar.sign differ diff --git a/git-2.46.0.tar.xz b/git-2.46.0.tar.xz new file mode 100644 index 0000000..c54d122 --- /dev/null +++ b/git-2.46.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7f123462a28b7ca3ebe2607485f7168554c2b10dfc155c7ec46300666ac27f95 +size 7577180 diff --git a/git.changes b/git.changes index ebbaf16..0bb526b 100644 --- a/git.changes +++ b/git.changes @@ -1,3 +1,373 @@ +------------------------------------------------------------------- +Wed Aug 28 08:33:45 UTC 2024 - Georg Pfuetzenreuter + +- Change less requirement to path to allow for use with BusyBox + +------------------------------------------------------------------- +Tue Jul 30 00:07:55 UTC 2024 - Marcus Rueckert + +- update to 2.46.0 + UI, Workflows & Features + * The "--rfc" option of "git format-patch" learned to take an + optional string value to be used in place of "RFC" to tweak the + "[PATCH]" on the subject header. + * The credential helper protocol, together with the HTTP layer, have + been enhanced to support authentication schemes different from + username & password pair, like Bearer and NTLM. + * Command line completion script (in contrib/) learned to complete + "git symbolic-ref" a bit better (you need to enable plumbing + commands to be completed with GIT_COMPLETION_SHOW_ALL_COMMANDS). + * When the user responds to a prompt given by "git add -p" with an + unsupported command, list of available commands were given, which + was too much if the user knew what they wanted to type but merely + made a typo. Now the user gets a much shorter error message. + * The color parsing code learned to handle 12-bit RGB colors, spelled + as "#RGB" (in addition to "#RRGGBB" that is already supported). + * The operation mode options (like "--get") the "git config" command + uses have been deprecated and replaced with subcommands (like "git + config get"). + * "git tag" learned the "--trailer" option to futz with the trailers + in the same way as "git commit" does. + * A new global "--no-advice" option can be used to disable all advice + messages, which is meant to be used only in scripts. + * Updates to symbolic refs can now be made as a part of ref + transaction. + * The trailer API has been reshuffled a bit. + * Terminology to call various ref-like things are getting + straightened out. + * The command line completion script (in contrib/) has been adjusted + to the recent update to "git config" that adopted subcommand based + UI. + * The knobs to tweak how reftable files are written have been made + available as configuration variables. + * When "git push" notices that the commit at the tip of the ref on + the other side it is about to overwrite does not exist locally, it + used to first try fetching it if the local repository is a partial + clone. The command has been taught not to do so and immediately + fail instead. + * The promisor.quiet configuration knob can be set to true to make + lazy fetching from promisor remotes silent. + * The inter/range-diff output has been moved to the end of the patch + when format-patch adds it to a single patch, instead of writing it + before the patch text, to be consistent with what is done for a + cover letter for a multi-patch series. + * A new command has been added to migrate a repository that uses the + files backend for its ref storage to use the reftable backend, with + limitations. + * "git diff --exit-code --ext-diff" learned to take the exit status + of the external diff driver into account when deciding the exit + status of the overall "git diff" invocation when configured to do + so. + * "git update-ref --stdin" learned to handle transactional updates of + symbolic-refs. + * "git format-patch --interdiff" for multi-patch series learned to + turn on cover letters automatically (unless told never to enable + cover letter with "--no-cover-letter" and such). + * The "--heads" option of "ls-remote" and "show-ref" has been been + deprecated; "--branches" replaces "--heads". + * For over a year, setting add.interactive.useBuiltin configuration + variable did nothing but giving a "this does not do anything" + warning. The warning has been removed. + * The http transport can now be told to send request with + authentication material without first getting a 401 response. + * A handful of entries are added to the GitFAQ document. + * "git var GIT_SHELL_PATH" should report the path to the shell used + to spawn external commands, but it didn't do so on Windows, which + has been corrected. + Performance, Internal Implementation, Development Support etc. + * Advertise "git contacts", a tool for newcomers to find people to + ask review for their patches, a bit more in our developer + documentation. + * In addition to building the objects needed, try to link the objects + that are used in fuzzer tests, to make sure at least they build + without bitrot, in Linux CI runs. + * Code to write out reftable has seen some optimization and + simplification. + * Tests to ensure interoperability between reftable written by jgit + and our code have been added and enabled in CI. + * The singleton index_state instance "the_index" has been eliminated + by always instantiating "the_repository" and replacing references + to "the_index" with references to its .index member. + * Git-GUI has a new maintainer, Johannes Sixt. + * The "test-tool" has been taught to run testsuite tests in parallel, + bypassing the need to use the "prove" tool. + * The "whitespace check" task that was enabled for GitHub Actions CI + has been ported to GitLab CI. + * The refs API lost functions that implicitly assumes to work on the + primary ref_store by forcing the callers to pass a ref_store as an + argument. + * Code clean-up to reduce inter-function communication inside + builtin/config.c done via the use of global variables. + * The pack bitmap code saw some clean-up to prepare for a follow-up topic. + * Preliminary code clean-up for "git send-email". + * The default "creation-factor" used by "git format-patch" has been + raised to make it more aggressively find matching commits. + * Before discovering the repository details, We used to assume SHA-1 + as the "default" hash function, which has been corrected. Hopefully + this will smoke out codepaths that rely on such an unwarranted + assumptions. + * The project decision making policy has been documented. + * The strcmp-offset tests have been rewritten using the unit test + framework. + * "git add -p" learned to complain when an answer with more than one + letter is given to a prompt that expects a single letter answer. + * The alias-expanded command lines are logged to the trace output. + * A new test was added to ensure git commands that are designed to + run outside repositories do work. + * A few tests in reftable library have been rewritten using the + unit test framework. + * A pair of test helpers that essentially are unit tests on hash + algorithms have been rewritten using the unit-tests framework. + * A test helper that essentially is unit tests on the "decorate" + logic has been rewritten using the unit-tests framework. + * Many memory leaks in the sparse-checkout code paths have been + plugged. + * "make check-docs" noticed problems and reported to its output but + failed to signal its findings with its exit status, which has been + corrected. + * Building with "-Werror -Wwrite-strings" is now supported. + * To help developers, the build procedure now allows builders to use + CFLAGS_APPEND to specify additional CFLAGS. + * "oidtree" tests were rewritten to use the unit test framework. + * The structure of the document that records longer-term project + decisions to deprecate/remove/update various behaviour has been + outlined. + * The pseudo-merge reachability bitmap to help more efficient storage + of the reachability bitmap in a repository with too many refs has + been added. + * When "git merge" sees that the index cannot be refreshed (e.g. due + to another process doing the same in the background), it died but + after writing MERGE_HEAD etc. files, which was useless for the + purpose to recover from the failure. + * The output from "git cat-file --batch-check" and "--batch-command + (info)" should not be unbuffered, for which some tests have been + added. + * A CPP macro USE_THE_REPOSITORY_VARIABLE is introduced to help + transition the codebase to rely less on the availability of the + singleton the_repository instance. + * "git version --build-options" reports the version information of + OpenSSL and other libraries (if used) in the build. + * Memory ownership rules for the in-core representation of + remote.*.url configuration values have been straightened out, which + resulted in a few leak fixes and code clarification. + * When bundleURI interface fetches multiple bundles, Git failed to + take full advantage of all bundles and ended up slurping duplicated + objects, which has been corrected. + * The code to deal with modified paths that are out-of-cone in a + sparsely checked out working tree has been optimized. + * An existing test of oidmap API has been rewritten with the + unit-test framework. + * The "ort" merge backend saw one bugfix for a crash that happens + when inner merge gets killed, and assorted code clean-ups. + * A new warning message is issued when a command has to expand a + sparse index to handle working tree cruft that are outside of the + sparse checkout. + * The test framework learned to take the test body not as a single + string but as a here-document. + * "git push '' HEAD:there" used to hit a BUG(); it has been corrected + to die with "fatal: bad repository ''". + * What happens when http.cookieFile gets the special value "" has + been clarified in the documentation. + Fixes + * "git rebase --signoff" used to forget that it needs to add a + sign-off to the resulting commit when told to continue after a + conflict stops its operation. + * The procedure to build multi-pack-index got confused by the + replace-refs mechanism, which has been corrected by disabling the + latter. + * The "-k" and "--rfc" options of "format-patch" will now error out + when used together, as one tells us not to add anything to the + title of the commit, and the other one tells us to add "RFC" in + addition to "PATCH". + * "git stash -S" did not handle binary files correctly, which has + been corrected. + * A scheduled "git maintenance" job is expected to work on all + repositories it knows about, but it stopped at the first one that + errored out. Now it keeps going. + * zsh can pretend to be a normal shell pretty well except for some + glitches that we tickle in some of our scripts. Work them around + so that "vimdiff" and our test suite works well enough with it. + * Command line completion support for zsh (in contrib/) has been + updated to stop exposing internal state to end-user shell + interaction. + * Tests that try to corrupt in-repository files in chunked format did + not work well on macOS due to its broken "mv", which has been + worked around. + * The maximum size of attribute files is enforced more consistently. + * Unbreak CI jobs so that we do not attempt to use Python 2 that has + been removed from the platform. + * Git 2.43 started using the tree of HEAD as the source of attributes + in a bare repository, which has severe performance implications. + For now, revert the change, without ripping out a more explicit + support for the attr.tree configuration variable. + * The "--exit-code" option of "git diff" command learned to work with + the "--ext-diff" option. + * Windows CI running in GitHub Actions started complaining about the + order of arguments given to calloc(); the imported regex code uses + the wrong order almost consistently, which has been corrected. + * Expose "name conflict" error when a ref creation fails due to D/F + conflict in the ref namespace, to improve an error message given by + "git fetch". + (merge 9339fca23e it/refs-name-conflict later to maint). + * The SubmittingPatches document now refers folks to manpages + translation project. + * The documentation for "git diff --name-only" has been clarified + that it is about showing the names in the post-image tree. + * The credential helper that talks with osx keychain learned to avoid + storing back the authentication material it just got received from + the keychain. + (merge e1ab45b2da kn/osxkeychain-skip-idempotent-store later to maint). + * The chainlint script (invoked during "make test") did nothing when + it failed to detect the number of available CPUs. It now falls + back to 1 CPU to avoid the problem. + * Revert overly aggressive "layered defence" that went into 2.45.1 + and friends, which broke "git-lfs", "git-annex", and other use + cases, so that we can rebuild necessary counterparts in the open. + * "git init" in an already created directory, when the user + configuration has includeif.onbranch, started to fail recently, + which has been corrected. + * Memory leaks in "git mv" has been plugged. + * The safe.directory configuration knob has been updated to + optionally allow leading path matches. + * An overly large ".gitignore" files are now rejected silently. + * Upon expiration event, the credential subsystem forgot to clear + in-core authentication material other than password (whose support + was added recently), which has been corrected. + * Fix for an embarrassing typo that prevented Python2 tests from running + anywhere. + * Varargs functions that are unannotated as printf-like or execl-like + have been annotated as such. + * "git am" has a safety feature to prevent it from starting a new + session when there already is a session going. It reliably + triggers when a mbox is given on the command line, but it has to + rely on the tty-ness of the standard input. Add an explicit way to + opt out of this safety with a command line option. + (merge 62c71ace44 jk/am-retry later to maint). + * A leak in "git imap-send" that somehow escapes LSan has been + plugged. + * Setting core.abbrev too early before the repository set-up + (typically in "git clone") caused segfault, which as been + corrected. + * When the user adds to "git rebase -i" instruction to "pick" a merge + commit, the error experience is not pleasant. Such an error is now + caught earlier in the process that parses the todo list. + * We forgot to normalize the result of getcwd() to NFC on macOS where + all other paths are normalized, which has been corrected. This still + does not address the case where core.precomposeUnicode configuration + is not defined globally. + * Earlier we stopped using the tree of HEAD as the default source of + attributes in a bare repository, but failed to document it. This + has been corrected. + * "git update-server-info" and "git commit-graph --write" have been + updated to use the tempfile API to avoid leaving cruft after + failing. + * An unused extern declaration for mingw has been removed to prevent + it from causing build failure. + * A helper function shared between two tests had a copy-paste bug, + which has been corrected. + * "git fetch-pack -k -k" without passing "--lock-pack" (which we + never do ourselves) did not work at all, which has been corrected. + * CI job to build minimum fuzzers learned to pass NO_CURL=NoThanks to + the build procedure, as its build environment does not offer, or + the rest of the build needs, anything cURL. + (merge 4e66b5a990 jc/fuzz-sans-curl later to maint). + * "git diff --no-ext-diff" when diff.external is configured ignored + the "--color-moved" option. + (merge 0f4b0d4cf0 rs/diff-color-moved-w-no-ext-diff-fix later to maint). + * "git archive --add-virtual-file=:" never paid + attention to the --prefix= option but the documentation + said it would. The documentation has been corrected. + (merge 72c282098d jc/archive-prefix-with-add-virtual-file later to maint). + * When GIT_PAGER failed to spawn, depending on the code path taken, + we failed immediately (correct) or just spew the payload to the + standard output (incorrect). The code now always fail immediately + when GIT_PAGER fails. + (merge 78f0a5d187 rj/pager-die-upon-exec-failure later to maint). + * date parser updates to be more careful about underflowing epoch + based timestamp. + (merge 9d69789770 db/date-underflow-fix later to maint). + * The Bloom filter used for path limited history traversal was broken + on systems whose "char" is unsigned; update the implementation and + bump the format version to 2. + (merge 9c8a9ec787 tb/path-filter-fix later to maint). + * Typofix. + (merge 231cf7370e as/pathspec-h-typofix later to maint). + * Code clean-up. + (merge 4b837f821e rs/simplify-submodule-helper-super-prefix-invocation later to maint). + * "git describe --dirty --broken" forgot to refresh the index before + seeing if there is any chang, ("git describe --dirty" correctly did + so), which has been corrected. + (merge b8ae42e292 as/describe-broken-refresh-index-fix later to maint). + * Test suite has been taught not to unnecessarily rely on DNS failing + a bogus external name. + (merge 407cdbd271 jk/tests-without-dns later to maint). + * GitWeb update to use committer date consistently in rss/atom feeds. + (merge cf6ead095b am/gitweb-feed-use-committer-date later to maint). + * Custom control structures we invented more recently have been + taught to the clang-format file. + (merge 1457dff9be rs/clang-format-updates later to maint). + * Developer build procedure fix. + (merge df32729866 tb/dev-build-pedantic-fix later to maint). + * "git push" that pushes only deletion gave an unnecessary and + harmless error message when push negotiation is configured, which + has been corrected. + (merge 4d8ee0317f jc/disable-push-nego-for-deletion later to maint). + * Address-looking strings found on the trailer are now placed on the + Cc: list after running through sanitize_address by "git send-email". + (merge c852531f45 cb/send-email-sanitize-trailer-addresses later to maint). + * Tests that use GIT_TEST_SANITIZE_LEAK_LOG feature got their exit + status inverted, which has been corrected. + (merge 8c1d6691bc rj/test-sanitize-leak-log-fix later to maint). + * The http.cookieFile and http.saveCookies configuration variables + have a few values that need to be avoided, which are now ignored + with warning messages. + (merge 4f5822076f jc/http-cookiefile later to maint). + * Repacking a repository with multi-pack index started making stupid + pack selections in Git 2.45, which has been corrected. + (merge 8fb6d11fad ds/midx-write-repack-fix later to maint). + * Fix documentation mark-up regression in 2.45. + (merge 6474da0aa4 ja/doc-markup-updates-fix later to maint). + * Work around asciidoctor's css that renders `monospace` material + in the SYNOPSIS section of manual pages as block elements. + (merge d44ce6ddd5 js/doc-markup-updates-fix later to maint). + * Other code cleanup, docfix, build fix, etc. + (merge 493fdae046 ew/object-convert-leakfix later to maint). + (merge 00f3661a0a ss/doc-eol-attr-fix later to maint). + (merge 428c40da61 ri/doc-show-branch-fix later to maint). + (merge 58696bfcaa jc/where-is-bash-for-ci later to maint). + (merge 616e94ca24 tb/doc-max-tree-depth-fix later to maint). + +------------------------------------------------------------------- +Thu Jul 18 17:38:04 UTC 2024 - Antonio Teixeira + +- Add CVE-2024-24577.patch + * CVE-2024-24577: arbitrary code execution due to heap corruption + in git_index_add (boo#1219660) + +------------------------------------------------------------------- +Fri May 31 22:57:33 UTC 2024 - Matej Cepl + +- Compat stub for %python3_fix_shebang_path + +------------------------------------------------------------------- +Fri May 31 22:42:57 UTC 2024 - Marcus Rueckert + +- only call the %python3_fix_shebang_path if it is actually + defined. This fixes the build on 15.x + +------------------------------------------------------------------- +Fri May 31 21:04:34 UTC 2024 - Andreas Stieger + +- update to 2.45.2: + * Revert "defense in depth" fixes from 2.45.1 broke 'git lfs' and + 'git annex' + +------------------------------------------------------------------- +Mon May 27 10:12:52 UTC 2024 - Matej Cepl + +- remove dependency on /usr/bin/python3 using + %python3_fix_shebang_path macro, [bsc#1212476] + ------------------------------------------------------------------- Tue May 14 22:38:09 UTC 2024 - Andreas Stieger diff --git a/git.spec b/git.spec index 046a4c7..ee9fc6a 100644 --- a/git.spec +++ b/git.spec @@ -28,6 +28,13 @@ %if ! %{defined _fillupdir} %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif +# Compat stub for python3_fix_shebang_path +%{?!python3_fix_shebang_path:%define python3_fix_shebang_path(+abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-=) \\\ + myargs="%{**}" \ + for f in ${myargs}; do \ + [ -f "$f" ] && sed -i -e "1s@#\\!.*python.*@#\\!$(realpath %__python3)@" $f \ + done + } %bcond_without git_libsecret %bcond_without docs %if 0%{?suse_version} >= 1500 && %{with docs} @@ -36,7 +43,7 @@ %bcond_with asciidoctor %endif Name: git -Version: 2.45.1 +Version: 2.46.0 Release: 0 Summary: Fast, scalable, distributed revision control system License: GPL-2.0-only @@ -61,6 +68,8 @@ Patch4: git-prevent_xss-default.diff Patch6: git-tcsh-completion-fixes.diff Patch8: git-asciidoc.patch Patch10: setup-don-t-fail-if-commondir-reference-is-deleted.patch +# PATCH-FIX-OPENSUSE CVE-2024-24577.patch boo#1219660 antonio.teixeira@suse.com +Patch11: CVE-2024-24577.patch BuildRequires: fdupes BuildRequires: gpg2 BuildRequires: libcurl-devel @@ -70,6 +79,8 @@ BuildRequires: pcre2-devel BuildRequires: perl-Error BuildRequires: perl-MailTools BuildRequires: pkgconfig +# for the %%python3_fix_shebang_path macro +BuildRequires: python-rpm-macros BuildRequires: python3-base BuildRequires: systemd-rpm-macros BuildRequires: tcsh @@ -118,7 +129,7 @@ CVS, and GNU arch. %package core Summary: Core git tools Group: Development/Tools/Version Control -Requires: less +Requires: /usr/bin/less Obsoletes: git-remote-helpers < %{version} %if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150300 Recommends: openssh-clients @@ -443,6 +454,12 @@ install -m 0644 %{SOURCE11} %{buildroot}%{_sysusersdir}/ %find_lang %{name} cat %{name}.lang >>bin-man-doc-files + +%if %{defined python3_fix_shebang_path} +# fix shebang for git-p4 (and possibly others) +%python3_fix_shebang_path %{buildroot}%{gitexecdir}/* +%endif + # use symlinks instead of hardlinks in sub-commands %fdupes -s %{buildroot}