Accepting request 494473 from devel:tools:scm

git 2.13.0
git 2.12.3
  * CVE-2017-8386: On a server running git-shell as login shell to
    restrict user to git commands, remote users may have been able
    to have git service programs spawn an interactive pager
    and thus escape the shell restrictions. (bsc#1038395)

OBS-URL: https://build.opensuse.org/request/show/494473
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git?expand=0&rev=197
This commit is contained in:
Dominique Leuenberger 2017-05-20 08:06:50 +00:00 committed by Git OBS Bridge
parent 8b81b222a4
commit b18505bb0a
7 changed files with 36 additions and 12 deletions

View File

@ -2,13 +2,13 @@
contrib/completion/git-completion.bash | 10 ++++++---- contrib/completion/git-completion.bash | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-) 1 file changed, 6 insertions(+), 4 deletions(-)
Index: git-2.11.0/contrib/completion/git-completion.bash Index: git-2.13.0/contrib/completion/git-completion.bash
=================================================================== ===================================================================
--- git-2.11.0.orig/contrib/completion/git-completion.bash --- git-2.13.0.orig/contrib/completion/git-completion.bash 2017-05-09 16:47:28.000000000 +0200
+++ git-2.11.0/contrib/completion/git-completion.bash +++ git-2.13.0/contrib/completion/git-completion.bash 2017-05-10 12:09:05.594109083 +0200
@@ -29,10 +29,12 @@ @@ -37,10 +37,12 @@
# tell the completion to use commit completion. This also works with aliases # When set to "1", do not include "DWIM" suggestions in git-checkout
# of form "!sh -c '...'". For example, "!sh -c ': git commit ; ... '". # completion (e.g., completing "foo" when "origin/foo" exists).
-case "$COMP_WORDBREAKS" in -case "$COMP_WORDBREAKS" in
-*:*) : great ;; -*:*) : great ;;
@ -21,5 +21,5 @@ Index: git-2.11.0/contrib/completion/git-completion.bash
+#*) COMP_WORDBREAKS="$COMP_WORDBREAKS:" +#*) COMP_WORDBREAKS="$COMP_WORDBREAKS:"
+#esac +#esac
# __gitdir accepts 0 or 1 arguments (i.e., location) # Discovers the path to the git repository taking any '--git-dir=<path>' and
# returns location of .git repo # '-C <path>' options into account and stores it in the $__git_repo_path

Binary file not shown.

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d21a9e23506e618d561fb25a8a7bd6134f927b86147930103487117a7a678c4a
size 4273748

BIN
git-2.13.0.tar.sign Normal file

Binary file not shown.

3
git-2.13.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4bbf2ab6f2341253a38f95306ec7936833eb1c42572da5c1fa61f0abb2191258
size 4744388

View File

@ -1,3 +1,27 @@
-------------------------------------------------------------------
Wed May 10 21:09:53 UTC 2017 - astieger@suse.com
- git 2.13.0:
* empty string as a pathspec element for 'everything matches'
is still warned, for future removal.
* deprecated argument order "git merge <msg> HEAD <commit>..."
was removed
* default location "~/.git-credential-cache/socket" for the
socket used to communicate with the credential-cache daemon
moved to "~/.cache/git/credential/socket".
* now avoid blindly falling back to ".git" when the setup
sequence indicated otherwise
* many workflow features, improvements and bug fixes
-------------------------------------------------------------------
Wed May 10 07:54:52 UTC 2017 - astieger@suse.com
- git 2.12.3:
* CVE-2017-8386: On a server running git-shell as login shell to
restrict user to git commands, remote users may have been able
to have git service programs spawn an interactive pager
and thus escape the shell restrictions. (bsc#1038395)
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Mar 25 13:43:23 UTC 2017 - astieger@suse.com Sat Mar 25 13:43:23 UTC 2017 - astieger@suse.com

View File

@ -26,7 +26,7 @@
%endif %endif
Name: git Name: git
Version: 2.12.2 Version: 2.13.0
Release: 0 Release: 0
Summary: Fast, scalable, distributed revision control system Summary: Fast, scalable, distributed revision control system
License: GPL-2.0 License: GPL-2.0