- update to 2.43.0:
* The "--rfc" option of "git format-patch" used to be a valid way to
override an earlier "--subject-prefix=<something>" on the command
line and replace it with "[RFC PATCH]", but from this release, it
merely prefixes the string "RFC " in front of the given subject
prefix. If you are negatively affected by this change, please use
"--subject-prefix=PATCH --rfc" as a replacement.
* In Git 2.42, "git rev-list --stdin" learned to take non-revisions
(like "--not") from the standard input, but the way such a "--not" was
handled was quite confusing, which has been rethought. The updated
rule is that "--not" given from the command line only affects revs
given from the command line that comes but not revs read from the
standard input, and "--not" read from the standard input affects
revs given from the standard input and not revs given from the
command line.
* A message written in olden time prevented a branch from getting
checked out, saying it is already checked out elsewhere. But these
days, we treat a branch that is being bisected or rebased just like
a branch that is checked out and protect it from getting modified
with the same codepath. The message has been rephrased to say that
the branch is "in use" to avoid confusion.
* Hourly and other schedules of "git maintenance" jobs are randomly
distributed now.
* "git cmd -h" learned to signal which options can be negated by
listing such options like "--[no-]opt".
* The way authentication related data other than passwords (e.g.,
oauth token and password expiration data) are stored in libsecret
keyrings has been rethought.
* Update the libsecret and wincred credential helpers to correctly
match which credential to erase; they erased the wrong entry in
OBS-URL: https://build.opensuse.org/request/show/1127934
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git?expand=0&rev=304
* The "--rfc" option of "git format-patch" used to be a valid way to
override an earlier "--subject-prefix=<something>" on the command
line and replace it with "[RFC PATCH]", but from this release, it
merely prefixes the string "RFC " in front of the given subject
prefix. If you are negatively affected by this change, please use
"--subject-prefix=PATCH --rfc" as a replacement.
* In Git 2.42, "git rev-list --stdin" learned to take non-revisions
(like "--not") from the standard input, but the way such a "--not" was
handled was quite confusing, which has been rethought. The updated
rule is that "--not" given from the command line only affects revs
given from the command line that comes but not revs read from the
standard input, and "--not" read from the standard input affects
revs given from the standard input and not revs given from the
command line.
* A message written in olden time prevented a branch from getting
checked out, saying it is already checked out elsewhere. But these
days, we treat a branch that is being bisected or rebased just like
a branch that is checked out and protect it from getting modified
with the same codepath. The message has been rephrased to say that
the branch is "in use" to avoid confusion.
* Hourly and other schedules of "git maintenance" jobs are randomly
distributed now.
* "git cmd -h" learned to signal which options can be negated by
listing such options like "--[no-]opt".
* The way authentication related data other than passwords (e.g.,
oauth token and password expiration data) are stored in libsecret
keyrings has been rethought.
* Update the libsecret and wincred credential helpers to correctly
match which credential to erase; they erased the wrong entry in
OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/git?expand=0&rev=628
- git 2.40.1:
* CVE-2023-25652: By feeding specially crafted input to git apply
--reject, a path outside the working tree can be overwritten
with partially controlled contents (corresponding to the
rejected hunk(s) from the given patch).
* CVE-2023-25815: When Git is compiled with runtime prefix
support and runs without translated messages, it still used
the gettext machinery to display messages, which subsequently
potentially looked for translated messages in unexpected
places. This allowed for malicious placement of crafted
messages.
* CVE-2023-29007: When renaming or deleting a section from a
configuration file, certain malicious configuration values may
be misinterpreted as the beginning of a new configuration
section, leading to arbitrary configuration injection.
OBS-URL: https://build.opensuse.org/request/show/1082939
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git?expand=0&rev=298
- git 2.35.3:
* usability fix-up for CVE-2022-24765 bsc#1198234:
'*' can be used as the value for the `safe.directory` variable
to signal that the user considers that any directory is safe.
* The code that was meant to parse the new `safe.directory`
configuration variable was not checking what configuration
variable was being fed to it
- Require bash in git-daemon because the service file uses it
- Reword git-daemon.service description to get a useful sentence
in journalctl -b
- git 2.35.2 (CVE-2022-24765, bsc#1198234):
* CVE-2022-24765: git may execute commands defined by other users
from unexpected worktrees
- Require nogroup group for %pre (bsc#1192023)
OBS-URL: https://build.opensuse.org/request/show/970347
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git?expand=0&rev=276
