diff --git a/git b/git index 366b5dd..e303d70 160000 --- a/git +++ b/git @@ -1 +1 @@ -Subproject commit 366b5dd2a22aea515899752fa575f05cf14f2bbf +Subproject commit e303d70c7ed814e5f6e563631ab6c5bd9aa590cf diff --git a/patchinfo.20240909073809950064.90520734224245/_patchinfo b/patchinfo.20240909073809950064.90520734224245/_patchinfo new file mode 100644 index 0000000..26aaff4 --- /dev/null +++ b/patchinfo.20240909073809950064.90520734224245/_patchinfo 
@@ -0,0 +1,188 @@ + + + Some Bash completions do not work + VUL-1: CVE-2005-4900: git: hardening against practical SHA1 attacks (SHATTERED) + VUL-0: CVE-2017-14867: git: cvsserver command injection + Packages should no longer use /var/adm/fillup-templates + git send-email fails to authenticate with SMTP server + git-web package update overrides custom app armor profile in /etc + git instaweb returns "No such projects found" + `git instaweb` on OpenSUSE Tumbleweed: /etc/gitweb-common.conf is not being read + VUL-0: CVE-2024-32002: git: recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion + VUL-0: CVE-2024-32004: git: arbitrary code execution during local clones + VUL-0: CVE-2024-32020: git: file overwriting vulnerability during local clones + VUL-0: CVE-2024-32021: git: git may create hardlinks to arbitrary user-readable files + VUL-0: CVE-2024-32465: git: arbitrary code execution during clone operations + + + + + + + + + dspinella + important + security + Security update for git + This update for git fixes the following issues: + +git was updated to 2.45.1: + + * CVE-2024-32002: recursive clones on case-insensitive + filesystems that support symbolic links are susceptible to case + confusion (bsc#1224168) + * CVE-2024-32004: arbitrary code execution during local clones + (bsc#1224170) + * CVE-2024-32020: file overwriting vulnerability during local + clones (bsc#1224171) + * CVE-2024-32021: git may create hardlinks to arbitrary user- + readable files (bsc#1224172) + * CVE-2024-32465: arbitrary code execution during clone operations + (bsc#1224173) + +Update to 2.45.0: + + * Improved efficiency managing repositories with many references + ("git init --ref-format=reftable") + * "git checkout -p" and friends learned that that "@" is a + synonym for "HEAD" + * cli improvements handling refs + * Expanded a number of commands and options, UI improvements + * status.showUntrackedFiles now accepts "true" + * 
git-cherry-pick(1) now automatically drops redundant commits + with new --empty option + * The userdiff patterns for C# has been updated. + +Update to 2.44.0: + + * "git checkout -B <branch>" now longer allows switching to a + branch that is in use on another worktree. The users need to + use "--ignore-other-worktrees" option. + * Faster server-side rebases with git replay + * Faster pack generation with multi-pack reuse + * rebase auto-squashing now works in non-interactive mode + * pathspec now understands attr, e.g. ':(attr:~binary) for + selecting non-binaries, or builtin_objectmode for selecting + items by file mode or other properties + * Many other cli UI and internal improvements and extensions + +- Do not replace apparmor configuration, fixes bsc#1216545 + +Update to 2.43.2: + + * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.txt + * Update to a new feature recently added, "git show-ref --exists". + * Rename detection logic ignored the final line of a file if it + is an incomplete line. + * "git diff --no-rename A B" did not disable rename detection but + did not trigger an error from the command line parser. + * "git diff --no-index file1 file2" segfaulted while invoking the + external diff driver, which has been corrected. + * A failed "git tag -s" did not necessarily result in an error + depending on the crypto backend, which has been corrected. + * "git stash" sometimes was silent even when it failed due to + unwritable index file, which has been corrected. + * Recent conversion to allow more than 0/1 in GIT_FLUSH broke the + mechanism by flipping what yes/no means by mistake, which has + been corrected. 
+ +Update to 2.43.1: + + * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.txt + +- gitweb AppArmor profile: allow reading etc/gitweb-common.conf + (bsc#1218664) + +- git moved to /usr/libexec/git/git, update AppArmor profile + accordingly (bsc#1218588) + +Update to 2.43.0: + + * The "--rfc" option of "git format-patch" used to be a valid way to + override an earlier "--subject-prefix=<something>" on the command + line and replace it with "[RFC PATCH]", but from this release, it + merely prefixes the string "RFC " in front of the given subject + prefix. If you are negatively affected by this change, please use + "--subject-prefix=PATCH --rfc" as a replacement. + * In Git 2.42, "git rev-list --stdin" learned to take non-revisions + (like "--not") from the standard input, but the way such a "--not" was + handled was quite confusing, which has been rethought. The updated + rule is that "--not" given from the command line only affects revs + given from the command line that comes but not revs read from the + standard input, and "--not" read from the standard input affects + revs given from the standard input and not revs given from the + command line. + * A message written in olden time prevented a branch from getting + checked out, saying it is already checked out elsewhere. But these + days, we treat a branch that is being bisected or rebased just like + a branch that is checked out and protect it from getting modified + with the same codepath. The message has been rephrased to say that + the branch is "in use" to avoid confusion. + * Hourly and other schedules of "git maintenance" jobs are randomly + distributed now. + * "git cmd -h" learned to signal which options can be negated by + listing such options like "--[no-]opt". + * The way authentication related data other than passwords (e.g., + oauth token and password expiration data) are stored in libsecret + keyrings has been rethought. 
+ * Update the libsecret and wincred credential helpers to correctly + match which credential to erase; they erased the wrong entry in + some cases. + * Git GUI updates. + * "git format-patch" learned a new "--description-file" option that + lets cover letter description to be fed; this can be used on + detached HEAD where there is no branch description available, and + also can override the branch description if there is one. + * Use of the "--max-pack-size" option to allow multiple packfiles to + be created is now supported even when we are sending unreachable + objects to cruft packs. + * "git format-patch --rfc --subject-prefix=<foo>" used to ignore the + "--subject-prefix" option and used "[RFC PATCH]"; now we will add + "RFC" prefix to whatever subject prefix is specified. + * "git log --format" has been taught the %(decorate) placeholder for + further customization over what the "--decorate" option offers. + * The default log message created by "git revert", when reverting a + commit that records a revert, has been tweaked, to encourage people + to describe complex "revert of revert of revert" situations better in + their own words. + * The command-line completion support (in contrib/) learned to + complete "git commit --trailer=" for possible trailer keys. + * "git update-index" learned the "--show-index-version" option to + inspect the index format version used by the on-disk index file. + * "git diff" learned the "diff.statNameWidth" configuration variable, + to give the default width for the name part in the "--stat" output. + * "git range-diff --notes=foo" compared "log --notes=foo --notes" of + the two ranges, instead of using just the specified notes tree, + which has been corrected to use only the specified notes tree. + * The command line completion script (in contrib/) can be told to + complete aliases by including ": git <cmd> ;" in the alias to tell + it that the alias should be completed in a similar way to how "git + <cmd>" is completed. 
The parsing code for the alias has been + loosened to allow ';' without an extra space before it. + * "git for-each-ref" and friends learned to apply mailmap to + authorname and other fields in a more flexible way than using + separate placeholder letters like %a[eElL] every time we want to + come up with small variants. + * "git repack" machinery learned to pay attention to the "--filter=" + option. + * "git repack" learned the "--max-cruft-size" option to prevent cruft + packs from growing without bounds. + * "git merge-tree" learned to take strategy backend specific options + via the "-X" option, like "git merge" does. + * "git log" and friends learned the "--dd" option that is a + short-hand for "--diff-merges=first-parent -p". + * The attribute subsystem learned to honor the "attr.tree" + configuration variable that specifies which tree to read the + .gitattributes files from. + * "git merge-file" learns a mode to read three variants of the + contents to be merged from blob objects. + * see https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.0.txt + +Update 2.42.1: + + * Fix "git diff" exit code handling + + git + +
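Review bot: In the `git` submodule hunk, the gitlink moves from 366b5dd2a22aea515899752fa575f05cf14f2bbf to e303d70c7ed814e5f6e563631ab6c5bd9aa590cf, and nothing in the diff ties the new commit to a package version. The accompanying `_patchinfo` announces git 2.45.1 with the fixes for CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021 and CVE-2024-32465. Please state in the commit message which version e303d70 carries, so a reviewer can confirm the pointer matches the advisory text before release.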
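Review bot: In the new `_patchinfo`, the issue list at the top references CVE-2005-4900 and CVE-2017-14867 along with several non-security bugs (Bash completions, /var/adm/fillup-templates, git send-email SMTP authentication), but the description only accounts for the five CVE-2024 entries plus bsc#1216545, bsc#1218664 and bsc#1218588. For an update rated important in the security category, either say in the description how this update relates to the two older CVEs or drop those references, so the advisory does not read as if they are newly fixed here. Minor wording in the description: in the 2.44.0 section "now longer allows" should be "no longer allows", "learned that that" in the 2.45.0 section repeats a word, and the final heading "Update 2.42.1:" is missing "to", unlike the other version headings.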