projects / git.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ebbc549) | patch
git (1:1.7.10.4-1+wheezy5) wheezy-security; urgency=high
authorMarkus Koschany <apo@debian.org>
Sun, 27 Aug 2017 13:51:22 +0000 (14:51 +0100)
committerMarkus Koschany <apo@debian.org>
Sun, 27 Aug 2017 13:51:22 +0000 (14:51 +0100)
commitf3a38cc19e2912bb3bbb4795a21b8315dc76085b
tree6917dcb9e0be2d7ae05a46a77bdfa763113e179dtree | snapshot
parentebbc5495ce6d85105970bd0b69b1cf0f4942447ccommit | diff
git (1:1.7.10.4-1+wheezy5) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS team.
  *  Fix CVE-2017-1000117, arbitrary code execution issues via URLs:
      - reject ssh hostname that begins with a dash
      - factor out "looks like command line option" check
      - reject dashed arguments to $GIT_PROXY_COMMAND
      - ssh:// and local URLs: reject path to repositories that look like
        command line options

[dgit import package git 1:1.7.10.4-1+wheezy5]
89 files changed:
debian/changelog [new file with mode: 0644] blob
debian/changelog.upstream [new file with mode: 0644] blob
debian/changelog.upstream.sh [new file with mode: 0644] blob
debian/control [new file with mode: 0644] blob
debian/copyright [new file with mode: 0644] blob
debian/diff/0001-hooks-post-receive-email-set-encoding-to-utf-8.diff [new file with mode: 0644] blob
debian/diff/0002-post-receive-email-defend-against-non-utf8-i18n.logou.diff [new file with mode: 0644] blob
debian/diff/0003-remove-interpreter-line-from-shell-libraries.diff [new file with mode: 0644] blob
debian/diff/0004-pre-rebase-hook-capture-documentation-in-a-here-docum.diff [new file with mode: 0644] blob
debian/diff/0005-transport-expose-git_tcp_connect-and-friends-in-new-t.diff [new file with mode: 0644] blob
debian/diff/0006-daemon-make-host-resolution-into-a-separate-function.diff [new file with mode: 0644] blob
debian/diff/0007-daemon-move-locate_host-to-tcp.c.diff [new file with mode: 0644] blob
debian/diff/0008-tcp-unify-ipv4-and-ipv6-code-paths.diff [new file with mode: 0644] blob
debian/diff/0009-daemon-check-for-errors-retrieving-IP-address.diff [new file with mode: 0644] blob
debian/diff/0010-transport-optionally-honor-DNS-SRV-records.diff [new file with mode: 0644] blob
debian/diff/0011-srv-be-more-tolerant-of-broken-DNS-replies.diff [new file with mode: 0644] blob
debian/diff/0012-Makefile-add-a-knob-to-turn-off-hardlinks-within-same.diff [new file with mode: 0644] blob
debian/diff/0013-git-svn-use-YAML-format-for-mergeinfo-cache-when-poss.diff [new file with mode: 0644] blob
debian/diff/0016-CVE-2015-7545-backport1.patch [new file with mode: 0644] blob
debian/diff/0017-CVE-2015-7545-backport2.patch [new file with mode: 0644] blob
debian/diff/0018-CVE-2015-7545-1.patch [new file with mode: 0644] blob
debian/diff/0019-CVE-2015-7545-2.patch [new file with mode: 0644] blob
debian/diff/0020-CVE-2015-7545-3.patch [new file with mode: 0644] blob
debian/diff/0021-CVE-2015-7545-4.patch [new file with mode: 0644] blob
debian/diff/0022-CVE-2015-7545-5.patch [new file with mode: 0644] blob
debian/diff/0023-CVE-2016-2315.patch [new file with mode: 0644] blob
debian/diff/0024-CVE-2016-2324.patch [new file with mode: 0644] blob
debian/diff/0025-CVE-2017-8386.patch [new file with mode: 0644] blob
debian/diff/0026-CVE-2017-1000117.diff [new file with mode: 0644] blob
debian/examples/index.aux-generation [new file with mode: 0644] blob
debian/git-core.postinst [new file with mode: 0644] blob
debian/git-core.preinst [new file with mode: 0644] blob
debian/git-daemon-run.README.Debian [new file with mode: 0644] blob
debian/git-daemon-run.conffiles [new file with mode: 0644] blob
debian/git-daemon-run.postinst [new file with mode: 0644] blob
debian/git-daemon-run.postrm [new file with mode: 0644] blob
debian/git-daemon-run.prerm [new file with mode: 0644] blob
debian/git-daemon-sysvinit.README.Debian [new file with mode: 0644] blob
debian/git-daemon-sysvinit.conffiles [new file with mode: 0644] blob
debian/git-daemon-sysvinit.postinst [new file with mode: 0644] blob
debian/git-daemon-sysvinit.postrm [new file with mode: 0644] blob
debian/git-daemon-sysvinit.prerm [new file with mode: 0644] blob
debian/git-daemon.default [new file with mode: 0644] blob
debian/git-daemon.init [new file with mode: 0644] blob
debian/git-daemon/log/run [new file with mode: 0644] blob
debian/git-daemon/run [new file with mode: 0644] blob
debian/git-doc.doc-base.everyday-git [new file with mode: 0644] blob
debian/git-doc.doc-base.git-bisect-lk2009 [new file with mode: 0644] blob
debian/git-doc.doc-base.git-howtos [new file with mode: 0644] blob
debian/git-doc.doc-base.git-index-format [new file with mode: 0644] blob
debian/git-doc.doc-base.git-pack-format [new file with mode: 0644] blob
debian/git-doc.doc-base.git-protocol [new file with mode: 0644] blob
debian/git-doc.doc-base.git-reference-manual [new file with mode: 0644] blob
debian/git-doc.doc-base.git-shallow-clone-design [new file with mode: 0644] blob
debian/git-doc.doc-base.git-technical [new file with mode: 0644] blob
debian/git-doc.doc-base.git-tools [new file with mode: 0644] blob
debian/git-doc.doc-base.git-trivial-merge-rules [new file with mode: 0644] blob
debian/git-doc.doc-base.git-user-manual [new file with mode: 0644] blob
debian/git-doc.doc-base.the-racy-git-problem [new file with mode: 0644] blob
debian/git-doc.docs [new file with mode: 0644] blob
debian/git-el.conffiles [new file with mode: 0644] blob
debian/git-el.emacsen-install [new file with mode: 0644] blob
debian/git-el.emacsen-remove [new file with mode: 0644] blob
debian/git-el.emacsen-startup [new file with mode: 0644] blob
debian/git-el.postinst [new file with mode: 0644] blob
debian/git-el.prerm [new file with mode: 0644] blob
debian/git.NEWS.Debian [new file with mode: 0644] blob
debian/git.README.Debian [new file with mode: 0644] blob
debian/git.README.emacs [new file with mode: 0644] blob
debian/git.README.source [new file with mode: 0644] blob
debian/git.conffiles [new file with mode: 0644] blob
debian/git.docs [new file with mode: 0644] blob
debian/git.lintian-overrides [new file with mode: 0644] blob
debian/git.postinst [new file with mode: 0644] blob
debian/git.postrm [new file with mode: 0644] blob
debian/git.preinst [new file with mode: 0644] blob
debian/git.prerm [new file with mode: 0644] blob
debian/gitweb.NEWS.Debian [new file with mode: 0644] blob
debian/gitweb.README.Debian [new file with mode: 0644] blob
debian/gitweb.apache2.conf [new file with mode: 0644] blob
debian/gitweb.conf [new file with mode: 0644] blob
debian/gitweb.conffiles [new file with mode: 0644] blob
debian/gitweb.docs [new file with mode: 0644] blob
debian/gitweb.examples [new file with mode: 0644] blob
debian/gitweb.postinst [new file with mode: 0644] blob
debian/implicit [new file with mode: 0644] blob
debian/rules [new file with mode: 0755] blob
debian/versions.upstream [new file with mode: 0644] blob
debian/watch [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.