Accepting request 613093 from devel:tools:scm
git 2.17.1 (CVE-2018-11235, bsc#1095219) (CVE-2018-11233, bsc#1095218) OBS-URL: https://build.opensuse.org/request/show/613093 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git?expand=0&rev=220
This commit is contained in:
parent
f7bc847ca0
commit
0a9fed604d
Binary file not shown.
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:e916e5e95e81dbeafa7aac5d719c01108b5c814eb90b746695afa1afedf955c7
|
|
||||||
size 5011556
|
|
BIN
git-2.17.1.tar.sign
Normal file
BIN
git-2.17.1.tar.sign
Normal file
Binary file not shown.
3
git-2.17.1.tar.xz
Normal file
3
git-2.17.1.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:79136e7aa83abae4d8a25c8111f113d3c5a63aeb5fd93cc72c26d49c6d5ba65e
|
||||||
|
size 5015484
|
18
git.changes
18
git.changes
@ -1,3 +1,21 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue May 29 23:11:45 UTC 2018 - avindra@opensuse.org
|
||||||
|
|
||||||
|
- git 2.17.1
|
||||||
|
* Submodule "names" come from the untrusted .gitmodules file, but
|
||||||
|
we blindly append them to $GIT_DIR/modules to create our on-disk
|
||||||
|
repo paths. This means you can do bad things by putting "../"
|
||||||
|
into the name. We now enforce some rules for submodule names
|
||||||
|
which will cause Git to ignore these malicious names
|
||||||
|
(CVE-2018-11235, bsc#1095219)
|
||||||
|
* It was possible to trick the code that sanity-checks paths on
|
||||||
|
NTFS into reading random piece of memory
|
||||||
|
(CVE-2018-11233, bsc#1095218)
|
||||||
|
* Support on the server side to reject pushes to repositories
|
||||||
|
that attempt to create such problematic .gitmodules file etc.
|
||||||
|
as tracked contents, to help hosting sites protect their
|
||||||
|
customers by preventing malicious contents from spreading.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu May 24 12:05:33 UTC 2018 - tchvatal@suse.com
|
Thu May 24 12:05:33 UTC 2018 - tchvatal@suse.com
|
||||||
|
|
||||||
|
2
git.spec
2
git.spec
@ -35,7 +35,7 @@
|
|||||||
%bcond_without docs
|
%bcond_without docs
|
||||||
|
|
||||||
Name: git
|
Name: git
|
||||||
Version: 2.17.0
|
Version: 2.17.1
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Fast, scalable, distributed revision control system
|
Summary: Fast, scalable, distributed revision control system
|
||||||
License: GPL-2.0-only
|
License: GPL-2.0-only
|
||||||
|
Loading…
Reference in New Issue
Block a user