Hello community, here is the log from the commit of package git for openSUSE:Factory checked in at 2019-10-03 14:10:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/git (Old) and /work/SRC/openSUSE:Factory/.git.new.2352 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "git" Thu Oct 3 14:10:04 2019 rev:238 rq:734750 version:2.23.0 Changes: -------- --- /work/SRC/openSUSE:Factory/git/git.changes 2019-08-27 15:20:02.860881288 +0200 +++ /work/SRC/openSUSE:Factory/.git.new.2352/git.changes 2019-10-03 14:10:05.312003217 +0200 @@ -1,0 +2,9 @@ +Thu Oct 3 08:51:28 UTC 2019 - Marketa Calabkova <[email protected]> + +- These patches have been merged upstream a long time ago, no longer needed: + * 0001-submodule-helper-use-to-signal-end-of-clone-options.patch + * 0002-submodule-config-ban-submodule-urls-that-start-with-.patch + * 0003-submodule-config-ban-submodule-paths-that-start-with.patch + * git-mark-path-lookup-errors.patch + +------------------------------------------------------------------- @@ -215,0 +225,6 @@ +Mon Nov 26 14:14:19 UTC 2018 - Marketa Calabkova <[email protected]> + +- fix CVE-2018-19486 (bsc#1117257) + * git-mark-path-lookup-errors.patch + +------------------------------------------------------------------- @@ -221,0 +237,9 @@ +Mon Oct 8 16:38:04 CEST 2018 - [email protected] + +- Fix VUL-0: arbitrary code execution via .gitmodules + (CVE-2018-17456, bsc#1110949): + 0001-submodule-helper-use-to-signal-end-of-clone-options.patch + 0002-submodule-config-ban-submodule-urls-that-start-with-.patch + 0003-submodule-config-ban-submodule-paths-that-start-with.patch + +------------------------------------------------------------------- @@ -313,0 +338,9 @@ + +------------------------------------------------------------------- +Wed May 30 16:11:19 CEST 2018 - [email protected] + +- Update to git 2.16.4: security fix release + * path sanity-checks on NTFS can read arbitrary memory + (CVE-2018-11233, bsc#1095218) + * arbitrary code execution when recursively cloning a malicious + repository (CVE-2018-11235, bsc#1095219) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------
