Publishing details
Changelog
git (1:2.25.1-1ubuntu3~ubuntu18.04.1~ppa1) bionic; urgency=medium
* No-change backport to bionic
git (1:2.25.1-1ubuntu3) focal; urgency=medium
* SECURITY UPDATE: credential helper issue with missing host or scheme
- debian/patches/CVE-2020-11008-1.patch: make "quit" helper more
realistic in t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-2.patch: use more realistic inputs in
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-3.patch: parse URL without host as
empty host, not unset in credential.c, http.c,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-4.patch: refuse to operate when missing
host or protocol in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-5.patch: convert gitmodules url to URL
passed to curl in fsck.c, t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-6.patch: die() when parsing invalid
urls in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-7.patch: treat URL without scheme as
invalid in credential.c, fsck.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-8.patch: treat URL with empty scheme as
invalid in credential.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-9.patch: reject URL with empty host in
.gitmodules in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-11008
git (1:2.25.1-1ubuntu2) focal; urgency=medium
* SECURITY UPDATE: credential helper issue with newlines in URL
- debian/patches/CVE-2020-5260-1.patch: avoid writing values with
newlines in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-2.patch: use test_i18ncmp to check
stderr in t/lib-credential.sh.
- debian/patches/CVE-2020-5260-3.patch: detect unrepresentable values
when parsing urls in credential.c, credential.h,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-4.patch: detect gitmodules URLs with
embedded newlines in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-5260
git (1:2.25.1-1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.25.1-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.25.1.txt).
* update debian/copyright.
* debian/control: remove Gerrit Pape from the Maintainer field,
as requested. Thanks to Gerrit for putting together this
package in a way that has been pleasant to maintain.
* debian/rules: use "dpkg-architecture" instead of "uname -m" to
retrieve host arch. This makes the resulting "git version
--build-options" more predictable when building for i386 on an
amd64 machine (thx to Ceridwen for detecting this in reprotest).
git (1:2.25.0-1ubuntu1) focal; urgency=medium
* Resynchronise with Debian. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.25.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.25.0.txt).
* build against Python 3 (thx Steve Langasek, closes: #948832).
git (1:2.25.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.25.0~rc1-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.25.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.25.0.txt).
git (1:2.24.1-1) unstable; urgency=low
* update to use upstream tarball for 2.24.1.
git (1:2.24.0-2) unstable; urgency=high
* new upstream point release (see RelNotes/2.24.1.txt).
* Addresses the security issues CVE-2019-1348, CVE-2019-1349,
CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353,
CVE-2019-1354, and CVE-2019-1387.
Credit for finding these vulnerabilities goes to Microsoft
Security Response Center, in particular to Nicolas Joly. Fixes
were provided by Jeff King and Johannes Schindelin with help
from Garima Singh.
* Addresses CVE-2019-19604, arbitrary code execution via the
"update" field in .gitmodules.
Credit for finding this vulnerability goes to Joern
Schneeweisz from GitLab.
git (1:2.24.0-1ubuntu2) focal; urgency=medium
* Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
* Set PYTHON_PATH=/usr/bin/python2 and build-depend on python2 not python.
git (1:2.24.0-1ubuntu1) focal; urgency=medium
* Resynchronise with Debian. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.24.1-1) unstable; urgency=low
* update to use upstream tarball for 2.24.1.
git (1:2.24.0-2) unstable; urgency=high
* new upstream point release (see RelNotes/2.24.1.txt).
* Addresses the security issues CVE-2019-1348, CVE-2019-1349,
CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353,
CVE-2019-1354, and CVE-2019-1387.
Credit for finding these vulnerabilities goes to Microsoft
Security Response Center, in particular to Nicolas Joly. Fixes
were provided by Jeff King and Johannes Schindelin with help
from Garima Singh.
* Addresses CVE-2019-19604, arbitrary code execution via the
"update" field in .gitmodules.
Credit for finding this vulnerability goes to Joern
Schneeweisz from GitLab.
git (1:2.24.0-1) unstable; urgency=medium
* new upstream release (see RelNotes/2.24.0.txt).
git (1:2.24.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.24.0~rc1-1) unstable; urgency=medium
* new upstream release candidate.
* test-tool: read --total as an int, not uint64 (thx John Paul Adrian
Glaubitz; closes: #942674)
git (1:2.24.0~rc0-1) unstable; urgency=medium
* new upstream release candidate (see RelNotes/2.24.0.txt).
git (1:2.23.0-1) unstable; urgency=medium
* new upstream release (see RelNotes/2.23.0.txt).
git (1:2.23.0~rc1-1) unstable; urgency=low
* new upstream release candidate.
* tests: sort output of hashmap iteration (closes: #933519)
git (1:2.23.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.23.0.txt).
git (1:2.22.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.21.0.txt, RelNotes/2.22.0.txt).
git (1:2.20.1-2ubuntu1) disco; urgency=medium
* Merge with Debian; remaining change:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
* Dropped change:
- Build against pcre3 (pcre2 is now in main) (LP: #1792544)
git (1:2.20.1-2) unstable; urgency=low
* package git-gui: actually Suggests: meld for mergetool support;
describe what meld is used for in package description (thx Jens
Reyer; closes: #707790).
* package gitweb: Depends: libhttp-date-perl | libtime-parsedate-perl
instead of ... | libtime-modules-perl (thx gregor herrmann; closes:
#879165).
* debian/control: use https in Vcs-Browser URL.
* debian/rules: build and test quietly if DEB_BUILD_OPTIONS=terse.
* debian/control: Standards-Version: 4.3.0.1.
git (1:2.20.1-1) unstable; urgency=medium
* new upstream point release (see RelNotes/2.20.1.txt).
* package git-gui: Suggests: meld for mergetool support (thx Jens
Reyer; closes: #707790).
git (1:2.20.0-1) unstable; urgency=medium
* new upstream release (see RelNotes/2.20.0.txt).
* package git: Recommends: ca-certificates for https support (thx HJ;
closes: #915644).
git (1:2.20.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
* rebase: specify 'rebase -i' in reflog for interactive rebase
(closes: #914695).
git (1:2.20.0~rc1-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.20.0.txt).
* debian/rules: target clean: don't remove t/t4256/1/mailinfo.c.orig.
git (1:2.19.2-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.19.2.txt).
* run-command: do not fall back to cwd when command is not in $PATH.
git (1:2.19.1-1ubuntu1) cosmic; urgency=medium
* Merge with Debian; remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.19.1-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.19.1.txt,
CVE-2018-17456).
git (1:2.19.0-1ubuntu1) cosmic; urgency=medium
* Merge with Debian; remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.19.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.19.0.txt).
* debian/patches/0001-*, 0002-*: remove; applied upstream.
git (1:2.19.0~rc2-2) unstable; urgency=low
* debian/patches:
* 0001-http-backend-allow-empty-CONTENT_LENGTH: new from
upstream: http-backend: treat empty CONTENT_LENGTH as absent
(closes: #907587).
* 0002-Revert-Merge-branch-sb-submodule-core-worktree.diff: new
from upstream: stop setting and unsetting core.worktree in
submodules, since the code to do so does not handle submodules
with an embedded .git directory (thx Allan Sandfeld Jensen).
git (1:2.19.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.19.0~rc1-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.19.0.txt).
* debian/control: Standards-Version: 4.1.5.0.
git (1:2.18.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.18.0.txt).
git (1:2.18.0~rc2-2) unstable; urgency=low
* debian/control: Breaks: dgit (<< 5.1~) that lacks support
for working-tree-encoding attribute (thx Ian Jackson;
closes: #901897).
git (1:2.18.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
* debian/README.emacs: describe removed emacs support.
* debian/control: package git-el: describe transitional
modules; Recommends: elpa-magit.
git (1:2.17.1-1ubuntu2) cosmic; urgency=medium
* Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.17.1-1ubuntu1) cosmic; urgency=medium
* Merge with Debian; remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
-- Thiago F Pappacena <email address hidden> Tue, 11 Aug 2020 12:05:36 -0300
Builds
Built packages
-
git
fast, scalable, distributed revision control system
-
git-all
fast, scalable, distributed revision control system (all subpackages)
-
git-cvs
fast, scalable, distributed revision control system (cvs interoperability)
-
git-daemon-run
fast, scalable, distributed revision control system (git-daemon service)
-
git-daemon-sysvinit
fast, scalable, distributed revision control system (git-daemon service)
-
git-doc
fast, scalable, distributed revision control system (documentation)
-
git-el
fast, scalable, distributed revision control system (emacs support)
-
git-email
fast, scalable, distributed revision control system (email add-on)
-
git-gui
fast, scalable, distributed revision control system (GUI)
-
git-man
fast, scalable, distributed revision control system (manual pages)
-
git-mediawiki
fast, scalable, distributed revision control system (MediaWiki remote helper)
-
git-svn
fast, scalable, distributed revision control system (svn interoperability)
-
gitk
fast, scalable, distributed revision control system (revision tree visualizer)
-
gitweb
fast, scalable, distributed revision control system (web interface)
Package files