projects / git.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ebbc549) | patch
git (1:1.7.10.4-1+wheezy6) wheezy-security; urgency=high
authorAntoine Beaupré <anarcat@debian.org>
Mon, 2 Oct 2017 19:47:26 +0000 (20:47 +0100)
committerAntoine Beaupré <anarcat@debian.org>
Mon, 2 Oct 2017 19:47:26 +0000 (20:47 +0100)
commit4ae50a9bcc3f0bd048c84e8760b73a4e60013808
treece1f25a5daa8e65b467b85aff57c8976f00cdfdctree | snapshot
parentebbc5495ce6d85105970bd0b69b1cf0f4942447ccommit | diff
git (1:1.7.10.4-1+wheezy6) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Security Team.
  * Fix CVE-2017-14867: Git uses unsafe Perl scripts to support
    subcommands such as cvsserver, which allows attackers to execute
    arbitrary OS commands via shell metacharacters in a module name. The
    vulnerable code is reachable via git-shell even without CVS
    support. (Closes: #876854)

[dgit import package git 1:1.7.10.4-1+wheezy6]
93 files changed:
debian/changelog [new file with mode: 0644] blob
debian/changelog.upstream [new file with mode: 0644] blob
debian/changelog.upstream.sh [new file with mode: 0644] blob
debian/control [new file with mode: 0644] blob
debian/copyright [new file with mode: 0644] blob
debian/diff/0001-hooks-post-receive-email-set-encoding-to-utf-8.diff [new file with mode: 0644] blob
debian/diff/0002-post-receive-email-defend-against-non-utf8-i18n.logou.diff [new file with mode: 0644] blob
debian/diff/0003-remove-interpreter-line-from-shell-libraries.diff [new file with mode: 0644] blob
debian/diff/0004-pre-rebase-hook-capture-documentation-in-a-here-docum.diff [new file with mode: 0644] blob
debian/diff/0005-transport-expose-git_tcp_connect-and-friends-in-new-t.diff [new file with mode: 0644] blob
debian/diff/0006-daemon-make-host-resolution-into-a-separate-function.diff [new file with mode: 0644] blob
debian/diff/0007-daemon-move-locate_host-to-tcp.c.diff [new file with mode: 0644] blob
debian/diff/0008-tcp-unify-ipv4-and-ipv6-code-paths.diff [new file with mode: 0644] blob
debian/diff/0009-daemon-check-for-errors-retrieving-IP-address.diff [new file with mode: 0644] blob
debian/diff/0010-transport-optionally-honor-DNS-SRV-records.diff [new file with mode: 0644] blob
debian/diff/0011-srv-be-more-tolerant-of-broken-DNS-replies.diff [new file with mode: 0644] blob
debian/diff/0012-Makefile-add-a-knob-to-turn-off-hardlinks-within-same.diff [new file with mode: 0644] blob
debian/diff/0013-git-svn-use-YAML-format-for-mergeinfo-cache-when-poss.diff [new file with mode: 0644] blob
debian/diff/0016-CVE-2015-7545-backport1.patch [new file with mode: 0644] blob
debian/diff/0017-CVE-2015-7545-backport2.patch [new file with mode: 0644] blob
debian/diff/0018-CVE-2015-7545-1.patch [new file with mode: 0644] blob
debian/diff/0019-CVE-2015-7545-2.patch [new file with mode: 0644] blob
debian/diff/0020-CVE-2015-7545-3.patch [new file with mode: 0644] blob
debian/diff/0021-CVE-2015-7545-4.patch [new file with mode: 0644] blob
debian/diff/0022-CVE-2015-7545-5.patch [new file with mode: 0644] blob
debian/diff/0023-CVE-2016-2315.patch [new file with mode: 0644] blob
debian/diff/0024-CVE-2016-2324.patch [new file with mode: 0644] blob
debian/diff/0025-CVE-2017-8386.patch [new file with mode: 0644] blob
debian/diff/0026-CVE-2017-1000117.diff [new file with mode: 0644] blob
debian/diff/0027-CVE-2017-14867.diff [new file with mode: 0644] blob
debian/diff/0030-shell-drop-git-cvsserver-support-by-default.diff [new file with mode: 0644] blob
debian/diff/0031-archimport-use-safe_pipe_capture-for-user-input.diff [new file with mode: 0644] blob
debian/diff/0032-cvsimport-shell-quote-variable-used-in-backticks.diff [new file with mode: 0644] blob
debian/examples/index.aux-generation [new file with mode: 0644] blob
debian/git-core.postinst [new file with mode: 0644] blob
debian/git-core.preinst [new file with mode: 0644] blob
debian/git-daemon-run.README.Debian [new file with mode: 0644] blob
debian/git-daemon-run.conffiles [new file with mode: 0644] blob
debian/git-daemon-run.postinst [new file with mode: 0644] blob
debian/git-daemon-run.postrm [new file with mode: 0644] blob
debian/git-daemon-run.prerm [new file with mode: 0644] blob
debian/git-daemon-sysvinit.README.Debian [new file with mode: 0644] blob
debian/git-daemon-sysvinit.conffiles [new file with mode: 0644] blob
debian/git-daemon-sysvinit.postinst [new file with mode: 0644] blob
debian/git-daemon-sysvinit.postrm [new file with mode: 0644] blob
debian/git-daemon-sysvinit.prerm [new file with mode: 0644] blob
debian/git-daemon.default [new file with mode: 0644] blob
debian/git-daemon.init [new file with mode: 0644] blob
debian/git-daemon/log/run [new file with mode: 0644] blob
debian/git-daemon/run [new file with mode: 0644] blob
debian/git-doc.doc-base.everyday-git [new file with mode: 0644] blob
debian/git-doc.doc-base.git-bisect-lk2009 [new file with mode: 0644] blob
debian/git-doc.doc-base.git-howtos [new file with mode: 0644] blob
debian/git-doc.doc-base.git-index-format [new file with mode: 0644] blob
debian/git-doc.doc-base.git-pack-format [new file with mode: 0644] blob
debian/git-doc.doc-base.git-protocol [new file with mode: 0644] blob
debian/git-doc.doc-base.git-reference-manual [new file with mode: 0644] blob
debian/git-doc.doc-base.git-shallow-clone-design [new file with mode: 0644] blob
debian/git-doc.doc-base.git-technical [new file with mode: 0644] blob
debian/git-doc.doc-base.git-tools [new file with mode: 0644] blob
debian/git-doc.doc-base.git-trivial-merge-rules [new file with mode: 0644] blob
debian/git-doc.doc-base.git-user-manual [new file with mode: 0644] blob
debian/git-doc.doc-base.the-racy-git-problem [new file with mode: 0644] blob
debian/git-doc.docs [new file with mode: 0644] blob
debian/git-el.conffiles [new file with mode: 0644] blob
debian/git-el.emacsen-install [new file with mode: 0644] blob
debian/git-el.emacsen-remove [new file with mode: 0644] blob
debian/git-el.emacsen-startup [new file with mode: 0644] blob
debian/git-el.postinst [new file with mode: 0644] blob
debian/git-el.prerm [new file with mode: 0644] blob
debian/git.NEWS.Debian [new file with mode: 0644] blob
debian/git.README.Debian [new file with mode: 0644] blob
debian/git.README.emacs [new file with mode: 0644] blob
debian/git.README.source [new file with mode: 0644] blob
debian/git.conffiles [new file with mode: 0644] blob
debian/git.docs [new file with mode: 0644] blob
debian/git.lintian-overrides [new file with mode: 0644] blob
debian/git.postinst [new file with mode: 0644] blob
debian/git.postrm [new file with mode: 0644] blob
debian/git.preinst [new file with mode: 0644] blob
debian/git.prerm [new file with mode: 0644] blob
debian/gitweb.NEWS.Debian [new file with mode: 0644] blob
debian/gitweb.README.Debian [new file with mode: 0644] blob
debian/gitweb.apache2.conf [new file with mode: 0644] blob
debian/gitweb.conf [new file with mode: 0644] blob
debian/gitweb.conffiles [new file with mode: 0644] blob
debian/gitweb.docs [new file with mode: 0644] blob
debian/gitweb.examples [new file with mode: 0644] blob
debian/gitweb.postinst [new file with mode: 0644] blob
debian/implicit [new file with mode: 0644] blob
debian/rules [new file with mode: 0755] blob
debian/versions.upstream [new file with mode: 0644] blob
debian/watch [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.