*** This bug is a security vulnerability *** Public security bug reported:
The fix for CVE-2022-24765 introduced a few regressions in safe.directory. The '-c' option is not respected with safe.directory, and therefore this commit needs to be backported on jammy and below: https://github.com/git/git/commit/6061601d9f1f1c95da5f9304c319218f7cc3ec75 Additionally, on focal and below, the backport of the following commit is incomplete as the config options aren't checked, which means that the fix is incomplete: https://github.com/git/git/commit/800a7f99a8776b18a48cf9c1b0f9418bf4644bbd ** Affects: git (Ubuntu) Importance: Undecided Assignee: Hlib Korzhynskyy (hlibk) Status: In Progress ** Changed in: git (Ubuntu) Status: New => In Progress ** Changed in: git (Ubuntu) Assignee: (unassigned) => Hlib Korzhynskyy (hlibk) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2142239 Title: CVE-2022-24765 regression for setting safe.directory To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/git/+bug/2142239/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
