"Fossies" - the Fresh Open Source Software Archive

Member "RelNotes/2.14.5.txt" (15 Dec 2018, 578 Bytes) of package /linux/misc/git-htmldocs-2.20.1.tar.xz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 Git v2.14.5 Release Notes
    2 =========================
    3 
    4 This release is to address the recently reported CVE-2018-17456.
    5 
    6 Fixes since v2.14.4
    7 -------------------
    8 
    9  * Submodules' "URL"s come from the untrusted .gitmodules file, but
   10    we blindly gave it to "git clone" to clone submodules when "git
   11    clone --recurse-submodules" was used to clone a project that has
   12    such a submodule.  The code has been hardened to reject such
   13    malformed URLs (e.g. one that begins with a dash).
   14 
   15 Credit for finding and fixing this vulnerability goes to joernchen
   16 and Jeff King, respectively.