From: Raspbian forward pporter <root@raspbian.org>
Date: Tue, 3 Oct 2017 01:50:14 +0000 (+0100)
Subject: Merge version 1:1.7.10.4-1+wheezy5+rpi1 and 1:1.7.10.4-1+wheezy6 to produce 1:1.7... 
X-Git-Tag: archive/raspbian/1%1.7.10.4-1+wheezy6+rpi1^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=00bdf36a8acc703279dd3390004e857a398fe458;p=git.git

Merge version 1:1.7.10.4-1+wheezy5+rpi1 and 1:1.7.10.4-1+wheezy6 to produce 1:1.7.10.4-1+wheezy6+rpi1
---

00bdf36a8acc703279dd3390004e857a398fe458
diff --cc debian/changelog
index 425eb8e,6b84d7f..20957df
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,25 -1,13 +1,36 @@@
- git (1:1.7.10.4-1+wheezy5+rpi1) wheezy-staging; urgency=medium
++git (1:1.7.10.4-1+wheezy6+rpi1) wheezy-staging; urgency=medium
 +
 +  [changes brought forward from 1:1.7.10.4-1+wheezy1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 25 Nov 2012 13:13:58 +0000]
 +  * Disable testsuite
 +
 +  [changes brought forward from 1:1.7.10.4-1+wheezy1+rpi2 by Peter Michael Green <plugwash@raspbian.org> at Sun, 14 Apr 2013 13:54:01 +0000]
 +  * Adopt patches from sid version 1:1.7.10.4-2 for new subversion, renumber
 +    them to high numbers so they stay at the end of the list in the face of
 +    future wheezy changes.
 +    * 0113...0130: new from the upstream 'master' branch: git svn:
 +      adapt to svn 1.7 changes:
 +      * normalize paths and URLs passed to Subversion (thx Michael G.
 +        Schwern; closes: #678137)
 +      * use correct "svn cp" syntax when checking git svn's mangling
 +        of @-signs in branch names (svn became stricter).
 +      * commit filetype changes between a regular file and symlink as
 +        replacement (deletion followed by addition) instead of
 +        modification of files.  Otherwise, clients pulling the change
 +        with "svn update" hit an assertion failure (svn issue 4091).
 +  * Renable testsuite
 +
-  -- Raspbian forward porter <root@raspbian.org>  Fri, 01 Sep 2017 04:07:56 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Tue, 03 Oct 2017 01:50:14 +0000
++
+ git (1:1.7.10.4-1+wheezy6) wheezy-security; urgency=high
+ 
+   * Non-maintainer upload by the LTS Security Team.
+   * Fix CVE-2017-14867: Git uses unsafe Perl scripts to support
+     subcommands such as cvsserver, which allows attackers to execute
+     arbitrary OS commands via shell metacharacters in a module name. The
+     vulnerable code is reachable via git-shell even without CVS
+     support. (Closes: #876854)
+ 
+  -- Antoine Beaupré <anarcat@debian.org>  Mon, 02 Oct 2017 15:47:26 -0400
  
  git (1:1.7.10.4-1+wheezy5) wheezy-security; urgency=high