Accepting request 797168 from devel:tools:scm
- With recent switch to protocol v2 people are reporting fetches transferring
unreasonable amount of data. Upstream proposes switching the protocol back
until the issue is properly diagnosed. The regression is problematic for
people with lower network connection speed.
Added: Revert-fetch-default-to-protocol-version-2.patch
- git 2.26.2:
* CVE-2020-11008: Specially crafted URLs may have tricked the
credentials helper to providing credential information that
is not appropriate for the protocol in use and host being
contacted (boo#1169936)
- Submit to SLE15 / resubmit to Factory (bsc#1169786, jsc#SLE-12396, bsc#1149792)
OBS-URL: https://build.opensuse.org/request/show/797168
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git?expand=0&rev=248
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
parent
a0030f8fd4
commit
72bf55c7c6
42
Revert-fetch-default-to-protocol-version-2.patch
Normal file
42
Revert-fetch-default-to-protocol-version-2.patch
Normal file
@ -0,0 +1,42 @@
|
||||
From 3063fdec2a274235925c1b202ba8c65537e48211 Mon Sep 17 00:00:00 2001
|
||||
From: Michal Suchanek <msuchanek@suse.de>
|
||||
Date: Tue, 21 Apr 2020 21:38:48 +0200
|
||||
Subject: [PATCH] Revert "fetch: default to protocol version 2"
|
||||
|
||||
This reverts commit 684ceae32dae726c6a5c693b257b156926aba8b7.
|
||||
|
||||
Causes a lot of data fetched from the Linux tree.
|
||||
---
|
||||
Documentation/config/protocol.txt | 2 +-
|
||||
protocol.c | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/Documentation/config/protocol.txt b/Documentation/config/protocol.txt
|
||||
index 756591d77b08..0b40141613e3 100644
|
||||
--- a/Documentation/config/protocol.txt
|
||||
+++ b/Documentation/config/protocol.txt
|
||||
@@ -48,7 +48,7 @@ protocol.version::
|
||||
If set, clients will attempt to communicate with a server
|
||||
using the specified protocol version. If the server does
|
||||
not support it, communication falls back to version 0.
|
||||
- If unset, the default is `2`.
|
||||
+ If unset, the default is `0`.
|
||||
Supported versions:
|
||||
+
|
||||
--
|
||||
diff --git a/protocol.c b/protocol.c
|
||||
index 803bef5c87e0..d390391ebac8 100644
|
||||
--- a/protocol.c
|
||||
+++ b/protocol.c
|
||||
@@ -39,7 +39,7 @@ enum protocol_version get_protocol_version_config(void)
|
||||
return env;
|
||||
}
|
||||
|
||||
- return protocol_v2;
|
||||
+ return protocol_v0;
|
||||
}
|
||||
|
||||
enum protocol_version determine_protocol_version_server(void)
|
||||
--
|
||||
2.26.0
|
||||
|
||||
Binary file not shown.
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:888228408f254634330234df3cece734d190ef6381063821f31ec020538f0368
|
||||
size 6006104
|
||||
BIN
git-2.26.2.tar.sign
Normal file
BIN
git-2.26.2.tar.sign
Normal file
Binary file not shown.
3
git-2.26.2.tar.xz
Normal file
3
git-2.26.2.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:6d65132471df9e531807cb2746f8be317e22a343b9385bbe11c9ce7f0d2fc848
|
||||
size 6007864
|
||||
25
git.changes
25
git.changes
@ -1,3 +1,26 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 21 19:41:46 UTC 2020 - Michal Suchanek <msuchanek@suse.de>
|
||||
|
||||
- With recent switch to protocol v2 people are reporting fetches transferring
|
||||
unreasonable amount of data. Upstream proposes switching the protocol back
|
||||
until the issue is properly diagnosed. The regression is problematic for
|
||||
people with lower network connection speed.
|
||||
Added: Revert-fetch-default-to-protocol-version-2.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 20 18:35:15 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
|
||||
|
||||
- git 2.26.2:
|
||||
* CVE-2020-11008: Specially crafted URLs may have tricked the
|
||||
credentials helper to providing credential information that
|
||||
is not appropriate for the protocol in use and host being
|
||||
contacted (boo#1169936)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 20 07:19:07 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
|
||||
|
||||
- Submit to SLE15 / resubmit to Factory (bsc#1169786, jsc#SLE-12396, bsc#1149792)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 17 17:56:32 UTC 2020 - Michal Suchanek <msuchanek@suse.com>
|
||||
|
||||
@ -11,7 +34,7 @@ Tue Apr 14 18:32:57 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
|
||||
* CVE-2020-5260: Specially crafted URLs with newline characters
|
||||
could have been used to make the Git client to send credential
|
||||
information for a wrong host to the attacker's site boo#1168930
|
||||
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 23 16:45:06 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
|
||||
|
||||
|
||||
4
git.spec
4
git.spec
@ -32,7 +32,7 @@
|
||||
%endif
|
||||
|
||||
Name: git
|
||||
Version: 2.26.1
|
||||
Version: 2.26.2
|
||||
Release: 0
|
||||
Summary: Fast, scalable, distributed revision control system
|
||||
License: GPL-2.0-only
|
||||
@ -58,6 +58,7 @@ Patch8: git-asciidoc.patch
|
||||
Patch10: setup-don-t-fail-if-commondir-reference-is-deleted.patch
|
||||
Patch11: 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch
|
||||
Patch13: 0002-Also-use-DocBook-5-stylesheet-when-generating-HTML-o.patch
|
||||
Patch14: Revert-fetch-default-to-protocol-version-2.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gpg2
|
||||
BuildRequires: libcurl-devel
|
||||
@ -286,6 +287,7 @@ directory /git/ that calls the cgi script.
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
|
||||
%build
|
||||
cat > .make <<'EOF'
|
||||
|
||||
Loading…
Reference in New Issue
Block a user