From b18505bb0a8a6835126a08d22ee15cb0d49aa8ea443676bb3c444c32b6b731a4 Mon Sep 17 00:00:00 2001
From: Dominique Leuenberger <dleuenberger@suse.com>
Date: Sat, 20 May 2017 08:06:50 +0000
Subject: [PATCH] Accepting request 494473 from devel:tools:scm

git 2.13.0
git 2.12.3
  * CVE-2017-8386: On a server running git-shell as login shell to
    restrict user to git commands, remote users may have been able
    to have git service programs spawn an interactive pager
    and thus escape the shell restrictions. (bsc#1038395)

OBS-URL: https://build.opensuse.org/request/show/494473
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git?expand=0&rev=197
---
 completion-wordbreaks.diff |  16 ++++++++--------
 git-2.12.2.tar.sign        | Bin 543 -> 0 bytes
 git-2.12.2.tar.xz          |   3 ---
 git-2.13.0.tar.sign        | Bin 0 -> 543 bytes
 git-2.13.0.tar.xz          |   3 +++
 git.changes                |  24 ++++++++++++++++++++++++
 git.spec                   |   2 +-
 7 files changed, 36 insertions(+), 12 deletions(-)
 delete mode 100644 git-2.12.2.tar.sign
 delete mode 100644 git-2.12.2.tar.xz
 create mode 100644 git-2.13.0.tar.sign
 create mode 100644 git-2.13.0.tar.xz

diff --git a/completion-wordbreaks.diff b/completion-wordbreaks.diff
index 4fd6f7c..0b750a2 100644
--- a/completion-wordbreaks.diff
+++ b/completion-wordbreaks.diff
@@ -2,13 +2,13 @@
  contrib/completion/git-completion.bash |   10 ++++++----
  1 file changed, 6 insertions(+), 4 deletions(-)
 
-Index: git-2.11.0/contrib/completion/git-completion.bash
+Index: git-2.13.0/contrib/completion/git-completion.bash
 ===================================================================
---- git-2.11.0.orig/contrib/completion/git-completion.bash
-+++ git-2.11.0/contrib/completion/git-completion.bash
-@@ -29,10 +29,12 @@
- # tell the completion to use commit completion.  This also works with aliases
- # of form "!sh -c '...'".  For example, "!sh -c ': git commit ; ... '".
+--- git-2.13.0.orig/contrib/completion/git-completion.bash	2017-05-09 16:47:28.000000000 +0200
++++ git-2.13.0/contrib/completion/git-completion.bash	2017-05-10 12:09:05.594109083 +0200
+@@ -37,10 +37,12 @@
+ #     When set to "1", do not include "DWIM" suggestions in git-checkout
+ #     completion (e.g., completing "foo" when "origin/foo" exists).
  
 -case "$COMP_WORDBREAKS" in
 -*:*) : great ;;
@@ -21,5 +21,5 @@ Index: git-2.11.0/contrib/completion/git-completion.bash
 +#*)   COMP_WORDBREAKS="$COMP_WORDBREAKS:"
 +#esac
  
- # __gitdir accepts 0 or 1 arguments (i.e., location)
- # returns location of .git repo
+ # Discovers the path to the git repository taking any '--git-dir=<path>' and
+ # '-C <path>' options into account and stores it in the $__git_repo_path
diff --git a/git-2.12.2.tar.sign b/git-2.12.2.tar.sign
deleted file mode 100644
index 18dc0c8308153de2275e8ba9effd8469c31388ad8e96d7e80336c0065d1d03c3..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 543
zcmV+)0^t3L0vrSY0RjL91p-*rhfe?s2@tTg=!TZB=F6AV5CGR6OSae`<~j$I<~a5k
za`rTet$&<vJM^nI5T%g!3eKmrujlQ&CW`pH$!ouN2TlY5D^Of+?P0-*h3v!(!@=tr
zN{>EvY|Fy<xMtw$M+7;XYyIi@P`++ygOwdDcWrj2-Mx=lMar}Hk$=l3M#!}{59dvV
z-kazZ0C&U{+*+5~oirupo;niL;Ul}t^@E%qmQ9ZMibtd(C=9No1#DtnpXlh3NFg-G
zKfpR(!n)y6X+|XQ6(wk5iA6V}s-aR70~EuR5=?Qn!y5fJ+EL}4`%>!p#>|YWssmly
zFE94t2&*Dgq4lH_sx4BDOX00*O%j?qarxFaUTyJ)9h$b~k3tc>buWC?K`LkoUp;&$
ziB3GhS_!Nz`duH=8p5k(G&o(JPZ}fPxJDilIk8-uH19A`anJ81*+n$6T2Bx`PP)~A
zd0B{T2QU-yXv}u^gvBDp{k8;t<6o3P|B~;24nq!iVr63yxl41sy}mH1o*~Vv>4W4k
z+&T1720ou<jowFu>yxPqo~a1my?pI0>IZZUf_S4INQSJ!Am^c~B?myNn|4-KR&*mL
z1Ze!+oG0OuM~QHVbE-M@yRr-ofM$iVYRdmBIAu{TffS3<dj7*O{cS*I%<QV(Z!3Kc
hEkmJ2<*?zTBUUjgw|{hksCz<UttFA1B_i{+9j4k81>gVx

diff --git a/git-2.12.2.tar.xz b/git-2.12.2.tar.xz
deleted file mode 100644
index b84517d..0000000
--- a/git-2.12.2.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d21a9e23506e618d561fb25a8a7bd6134f927b86147930103487117a7a678c4a
-size 4273748
diff --git a/git-2.13.0.tar.sign b/git-2.13.0.tar.sign
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..65f1caffa96db3160294ba0db77b7ce9d9db8a016b53394b9b6fb9045ddd01fd
GIT binary patch
literal 543
zcmV+)0^t3L0vrSY0RjL91p-+S*BAf_2@tTg=!TZB=F6wR5B@FtEF`FuXkBjShp;$i
z`d|}#-Oo)=hlN*qqd}GmdON+(!tX-PGPMr%go9IwLWQSFOTCT96qjtTNF`@}dORl)
zMPtk{L7Y1Av66dUHY)$r|4=OR!E8%KUwI=~hi9JtQViztUKM5hy}*OFrk7&P&g9b3
z$X|ELztKy4vwz(`xzsqC|1Lf#2`}ZY`<z}jNZzp)XB^n_osv@e!5{}eQb(`Vqg{(B
zAL*`J9pIbkP}5d)lPM;6TukvwC*F%`FB?~CxM45{MpX=8u0e~#S>H?bLq|n*6&URC
z(c})tl30gtUGXa1(VIVRe9H;eJwym3XJHOk+m4T{atU22uww>vOE&>zCgL{q2&{n)
zgQgf}b^u@@|8`(9|2AFNt_*Z@8t-StMMBn33;fLj@U9p~5QUJnx;CLQsw-9|W^{Gz
z>$sa2jEg)7HhxOUnUwlse=ZE_%Mg7|hUCrnlB%Q0xQD@A3X!$#!BXct+2Xr`-)S;7
zTt;9o7mqWjo$J9F?YUGGGIN)oGdlqbrabe6*)a!xf*?=f&>iY3BkpRS0hrumv@U`)
zhUu`_KNf6HHMnf@7Xe`bw_k&qV~#w=+S->n&C6>pIqNANyaI5v)RH>Y4zHvLEp--@
h*k1`@&p`xr0Cw*!j`~Jv!d!o(aKl*X$&F(h_ZI_?|GxkL

literal 0
HcmV?d00001

diff --git a/git-2.13.0.tar.xz b/git-2.13.0.tar.xz
new file mode 100644
index 0000000..50b9fe1
--- /dev/null
+++ b/git-2.13.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4bbf2ab6f2341253a38f95306ec7936833eb1c42572da5c1fa61f0abb2191258
+size 4744388
diff --git a/git.changes b/git.changes
index d5dff26..b35f03b 100644
--- a/git.changes
+++ b/git.changes
@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Wed May 10 21:09:53 UTC 2017 - astieger@suse.com
+
+- git 2.13.0:
+  * empty string as a pathspec element for 'everything matches'
+    is still warned, for future removal.
+  * deprecated argument order "git merge <msg> HEAD <commit>..."
+    was removed
+  * default location "~/.git-credential-cache/socket" for the
+    socket used to communicate with the credential-cache daemon 
+    moved to "~/.cache/git/credential/socket".
+  * now avoid blindly falling back to ".git" when the setup
+    sequence indicated otherwise
+  * many workflow features, improvements and bug fixes
+
+-------------------------------------------------------------------
+Wed May 10 07:54:52 UTC 2017 - astieger@suse.com
+
+- git 2.12.3:
+  * CVE-2017-8386: On a server running git-shell as login shell to
+    restrict user to git commands, remote users may have been able
+    to have git service programs spawn an interactive pager
+    and thus escape the shell restrictions. (bsc#1038395)
+
 -------------------------------------------------------------------
 Sat Mar 25 13:43:23 UTC 2017 - astieger@suse.com
 
diff --git a/git.spec b/git.spec
index be9c05a..c8a266c 100644
--- a/git.spec
+++ b/git.spec
@@ -26,7 +26,7 @@
 %endif
 
 Name:           git
-Version:        2.12.2
+Version:        2.13.0
 Release:        0
 Summary:        Fast, scalable, distributed revision control system
 License:        GPL-2.0