#12888: git-2.24.1
-------------------------+-----------------------
Reporter: ken@… | Owner: blfs-book
Type: enhancement | Status: new
Priority: high | Milestone: 9.1
Component: BOOK | Version: SVN
Severity: normal | Keywords:
-------------------------+-----------------------
Announced on lkml among other places
Today, the Git project is releasing the following Git versions:
v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2,
v2.17.3, v2.16.6, v2.15.4, and v2.14.6
These releases fix various security flaws, which allowed an attacker
to overwrite arbitrary paths, remotely execute code, and/or overwrite
files in the .git/ directory etc. See the release notes attached for
the list for their descriptions and CVE identifiers.
Users of the affected maintenance tracks are urged to upgrade.
These flaws were discovered and reported by Joern Schneeweisz of
GitLab and by Microsoft Security Response Center (and in particular
Nicolas Joly), and were fixed by Johannes Schindelin, Jeff King,
Garima Singh and Jonathan Nieder on the git-security mailing list.
The release engineering and coordination was led by Johannes
Schindelin.
Git v2.24.1 Release Notes
=========================
This release merges up the fixes that appear in v2.14.6, v2.15.4,
v2.17.3, v2.20.2 and in v2.21.1, addressing the security issues
CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351,
CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387, and
CVE-2019-19604; see the release notes for those versions for details.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/12888>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
