From 609ddbad5bdb8d798dce1105b69de246fe618355cad40d4905bb15d67985bf4b Mon Sep 17 00:00:00 2001
From: Marcus Rueckert <mrueckert@suse.com>
Date: Tue, 17 Jan 2023 21:45:10 +0000
Subject: [PATCH 1/2] Accepting request 1059150 from
 home:AndreasStieger:branches:devel:tools:scm

git 2.39.1

OBS-URL: https://build.opensuse.org/request/show/1059150
OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/git?expand=0&rev=605
---
 git-2.39.0.tar.sign | Bin 566 -> 0 bytes
 git-2.39.0.tar.xz   |   3 ---
 git-2.39.1.tar.sign | Bin 0 -> 566 bytes
 git-2.39.1.tar.xz   |   3 +++
 git.changes         |   8 ++++++++
 git.spec            |   4 ++--
 6 files changed, 13 insertions(+), 5 deletions(-)
 delete mode 100644 git-2.39.0.tar.sign
 delete mode 100644 git-2.39.0.tar.xz
 create mode 100644 git-2.39.1.tar.sign
 create mode 100644 git-2.39.1.tar.xz

diff --git a/git-2.39.0.tar.sign b/git-2.39.0.tar.sign
deleted file mode 100644
index 9a2c1a2d687bd14dcaa1616f348b190a1442a057ed6f006011e85f58c210f92e..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 566
zcmV-60?GY}0y6{v0SEvc79j-T@HVmj=OQ1+c<k@6wdjVHujb1I0%Mkf^Z*J85U{oA
zhL*49%g&S!{w_h!RnkB*u_qGV{m|d@>8eUdMivM3fnb`GaL~C1lJ8(pI>F7knELIV
z-!;yeNtbTOFlSR<Z96OzAAvF-kW|ZsV+s#6Q9h3+?1z^aTgysz(T6f<hnx;K=9Pc`
z-?wRpE5Yldc71nIIz$}n258j3RoeidCIAt7=te}uiE;AscOw$D%}fEJoifJP*fe6S
zbCF80;O7bN(Wnn#2nkPFmH-b}ZCMtKV=X=+!N<ZJvqg4$7#n%Y-?L=aVv#69ZviUr
zXE#@2bG2iqn-Qpvkb&&>hz9b^^fz;ZU~aSe=9<9)UN#`3NT%+g+q~V~we+nl!7#I&
zNE-6bqjV=fumvB?9a@U-+AZI-nqY*fCg`4QZB7yU=WDJsfpSSEv8<f&U6?MSomv1I
zGf<9h$6{NfAlT_PbjGS32VvbMpi?R7?*~IM<tlHFJ<UM%L2dj>CQD5%B&KHL=A_in
z304med7v9`M}LMEGgw2hJrKpM$FtsPs*97AHxaQP33;R24FcizgjX)JO_xu#h_1*G
z6dp{>nfcZeNApduAcJsdBh_4;#%K|n?DgQ@7;x4}4aJ9v_)Ys$Fkw3ewN|ciOucmb
zmfG`3LoPp>Fn^&w83KhIMeAkAX$r}Ifkw1DfGWC=PT!6ca*w?x%Ue-_f<|QWaX@Z{
E%$g1m0RR91

diff --git a/git-2.39.0.tar.xz b/git-2.39.0.tar.xz
deleted file mode 100644
index 0a866e4..0000000
--- a/git-2.39.0.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ba199b13fb5a99ca3dec917b0bd736bc0eb5a9df87737d435eddfdf10d69265b
-size 7157548
diff --git a/git-2.39.1.tar.sign b/git-2.39.1.tar.sign
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..d69a968211445f576052a16d3748514df7df1f96a06d8184f8e811d8b171cd5d
GIT binary patch
literal 566
zcmV-60?GY}0y6{v0SEvc79j-T@HVmj=OQ1+c<k@6wdjVHujb1I0%O6MU;qjU5U{oA
zhL*49%L=&=0L$#@EG-text{!>LyW#Zy3GZXz7`?I!hcKotCX3#WRFJLMQN*Xsk+re
z>~Aii_jz6WM@1gqR@aM}(|3Du0=-yV;sN}3@A^xuu)Y$QLblvfb68Al$b_YfO(4<=
zNe^p-P_aXn*AhsVd18m2(uz(b=l&tDG~qAcf~X+IOH(-1n}3cp6R7Bu!Nl=^ykv@<
zaL<Gtn4)sOZTh>PmWH#+&FBBmc*+-5P7CG4;Bgw(!dH6JD{T|LHR+6|VpKGIF<&{=
z*-Lyj$tit<TaamLE?vmMk{=DZ^gbS<=G`3kLb*=v6Dqb9n-i?6eP|M4O3T9lqaUoF
zCbH!yNfy-G4vsyBEI0U4C>uU<(ma-A6tK>HWGIHMgl6Tw_cgDqaE(Dht%ERQ#u6j^
zleUf!SM2(6GXD59qN-@Kz96+wl6}HIIt1LLUp?8ZhE-Hs^+cZ9KzJzGei=)A#A2IO
z3I}G1tc>n%H&S_Do9zX`^ffr!<e8-l0nP3y^7CbbN54(g9ACbchCZXj^dtduohpN&
z-jj-591TrFmUpYksb2#u0&A}!1v%Kv%)}47LTt@!Hf1Bvi_<h+lnhem<SaWLc=CVz
zOu*%k6|oW>`AM{o;{Iv!>n*s&RIGQ^tZ|ZS2!=$bf45RECnuC&Q<0-2;oytsFGhJn
EW+X2eg8%>k

literal 0
HcmV?d00001

diff --git a/git-2.39.1.tar.xz b/git-2.39.1.tar.xz
new file mode 100644
index 0000000..5a33d71
--- /dev/null
+++ b/git-2.39.1.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:40a38a0847b30c371b35873b3afcf123885dd41ea3ecbbf510efa97f3ce5c161
+size 7160744
diff --git a/git.changes b/git.changes
index fcdf958..d62223a 100644
--- a/git.changes
+++ b/git.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Jan 17 19:13:03 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- git 2.39.1, fixing two security issues that could allow remote
+  code execution when accessing specially crafted repositories:
+  * CVE-2022-41903: log format integer overflow
+  * CVE-2022-23521: gitattributed parsing integer overflow 
+
 -------------------------------------------------------------------
 Thu Dec 15 12:01:04 UTC 2022 - Dirk Müller <dmueller@suse.com>
 
diff --git a/git.spec b/git.spec
index ddeb9d8..5aa25b2 100644
--- a/git.spec
+++ b/git.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package git
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -36,7 +36,7 @@
 %bcond_with    asciidoctor
 %endif
 Name:           git
-Version:        2.39.0
+Version:        2.39.1
 Release:        0
 Summary:        Fast, scalable, distributed revision control system
 License:        GPL-2.0-only

From ad03eb7dfc90be8f3a28b8e90783b01f373063bf0e551652dc6db73359923dd0 Mon Sep 17 00:00:00 2001
From: Marcus Rueckert <mrueckert@suse.com>
Date: Wed, 18 Jan 2023 10:28:17 +0000
Subject: [PATCH 2/2] Accepting request 1059281 from
 home:AndreasStieger:branches:devel:tools:scm

bugzillas

OBS-URL: https://build.opensuse.org/request/show/1059281
OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/git?expand=0&rev=606
---
 git.changes | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/git.changes b/git.changes
index d62223a..288ea91 100644
--- a/git.changes
+++ b/git.changes
@@ -3,8 +3,9 @@ Tue Jan 17 19:13:03 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
 
 - git 2.39.1, fixing two security issues that could allow remote
   code execution when accessing specially crafted repositories:
-  * CVE-2022-41903: log format integer overflow
-  * CVE-2022-23521: gitattributed parsing integer overflow 
+  * CVE-2022-41903: log format integer overflow boo#1207033
+  * CVE-2022-23521: gitattributed parsing integer overflow
+    boo#1207032
 
 -------------------------------------------------------------------
 Thu Dec 15 12:01:04 UTC 2022 - Dirk Müller <dmueller@suse.com>