diff --git a/git-2.35.1.tar.sign b/git-2.35.1.tar.sign deleted file mode 100644 index 4462578..0000000 Binary files a/git-2.35.1.tar.sign and /dev/null differ diff --git a/git-2.35.1.tar.xz b/git-2.35.1.tar.xz deleted file mode 100644 index 63593a4..0000000 --- a/git-2.35.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d768528e6443f65a203036266f1ca50f9d127ba89751e32ead37117ed9191080 -size 6874520 diff --git a/git-2.35.3.tar.sign b/git-2.35.3.tar.sign new file mode 100644 index 0000000..4d19159 Binary files /dev/null and b/git-2.35.3.tar.sign differ diff --git a/git-2.35.3.tar.xz b/git-2.35.3.tar.xz new file mode 100644 index 0000000..0cb719e --- /dev/null +++ b/git-2.35.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:15e9db4f9bf2ed9fff30cb62a00c5c7c0901015f5ab048cdb4e8b04ddee00fa2 +size 6876328 diff --git a/git-daemon.service b/git-daemon.service index e8f257b..1ba6f96 100644 --- a/git-daemon.service +++ b/git-daemon.service @@ -1,5 +1,5 @@ [Unit] -Description=Start Git Daemon +Description=Git Daemon [Service] # added automatically, for details please see diff --git a/git.changes b/git.changes index 6828172..5edb1c7 100644 --- a/git.changes +++ b/git.changes @@ -1,3 +1,28 @@ +------------------------------------------------------------------- +Thu Apr 14 06:01:19 UTC 2022 - Andreas Stieger + +- git 2.35.3: + * usability fix-up for CVE-2022-24765 bsc#1198234: + '*' can be used as the value for the `safe.directory` variable + to signal that the user considers that any directory is safe. + * The code that was meant to parse the new `safe.directory` + configuration variable was not checking what configuration + variable was being fed to it + +------------------------------------------------------------------- +Wed Apr 13 13:13:13 UTC 2022 - olaf@aepfle.de + +- Require bash in git-daemon because the service file uses it +- Reword git-daemon.service description to get a useful sentence + in journalctl -b + +------------------------------------------------------------------- +Tue Apr 12 17:56:41 UTC 2022 - Andreas Stieger + +- git 2.35.2 (CVE-2022-24765, bsc#1198234): + * CVE-2022-24765: git may execute commands defined by other users + from unexpected worktrees + ------------------------------------------------------------------- Thu Mar 10 15:16:47 UTC 2022 - chris@computersalat.de @@ -114,6 +139,7 @@ Wed Oct 20 16:32:02 UTC 2021 - Callum Farmer - Add CONFIG parameter to %sysusers_generate_pre - Remove unneeded SHELL in git-daemon.conf - Fix sysusers usage in spec file +- Require nogroup group for %pre (bsc#1192023) ------------------------------------------------------------------- Wed Oct 13 18:09:43 UTC 2021 - Andreas Stieger diff --git a/git.spec b/git.spec index 832435a..0fb955a 100644 --- a/git.spec +++ b/git.spec @@ -36,7 +36,7 @@ %bcond_with asciidoctor %endif Name: git -Version: 2.35.1 +Version: 2.35.3 Release: 0 Summary: Fast, scalable, distributed revision control system License: GPL-2.0-only @@ -246,6 +246,7 @@ Email interface for the GIT version control system. %package daemon Summary: Simple Server for Git Repositories Group: Development/Tools/Version Control +Requires: bash Requires: git-core = %{version} Requires(pre): %fillup_prereq %if 0%{?suse_version} >= 1500