Package: git
Version: 1:2.39.5-0+deb12u1
Severity: important
X-Debbugs-Cc: [email protected]
Hi!
The last upgrade break common usage of git-backend-server,
probably the 'fix' for CVE-2024-32465.
git clone https://.... does not work anymore
>From my apache log:
[Sun Sep 15 13:25:25.468431 2024] [core:notice] [pid 1874118:tid 1874118]
AH00094: Command line: '/usr/sbin/apache2'
fatal: detected dubious ownership in repository at
'/home/www/git/unimodular.git'
To add an exception for this directory, call:
git config --global --add safe.directory /home/www/git/unimodular.git
Obviously the git repository is not owned by www-data.
At minimum, the debian/changelog should include a mention of the issue and a
work-around.
Cheers,
--
Bill. <[email protected]>
Imagine a large red swirl here.