git 1:2.7.4-0ubuntu1.4 source package in Ubuntu

Changelog

git (1:2.7.4-0ubuntu1.4) xenial-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via
    submodule names in .gitsubmodules.
    - 0014-fsck-simplify-.git-check.patch
    - 0015-fsck-actually-fsck-blob-data.patch
    - 0016-fsck-detect-gitmodules-files.patch
    - 0017-fsck-check-.gitmodules-content.patch
    - 0018-fsck-call-fsck_finish-after-fscking-objects.patch
    - 0019-unpack-objects-call-fsck_finish-after-fscking-object.patch
    - 0020-index-pack-check-.gitmodules-files-with-strict.patch
    - CVE-2018-11235 (LP: #1774061)
  * SECURITY UPDATE: out-of-bounds memory access when sanity-checking
    pathnames on NTFS
    - 0002-is_ntfs_dotgit-use-a-size_t-for-traversing-string.patch
    - CVE-2018-11233
  * Do not allow .gitmodules to be a symlink:
    - 0003-is_hfs_dotgit-match-other-.git-files.patch
    - 0004-is_ntfs_dotgit-match-other-.git-files.patch
    - 0005-is_-hfs-ntfs-_dotgitmodules-add-tests.patch
    - 0006-skip_prefix-add-case-insensitive-variant.patch
    - 0007-verify_path-drop-clever-fallthrough.patch
    - 0008-verify_dotfile-mention-case-insensitivity-in-comment.patch
    - 0009-update-index-stat-updated-files-earlier.patch
    - 0010-verify_path-disallow-symlinks-in-.gitmodules.patch
    - 0011-sha1_file-add-read_loose_object-function.patch
    - 0012-fsck-parse-loose-object-paths-directly.patch
    - 0013-index-pack-make-fsck-error-message-more-specific.patch
    - 0021-fsck-complain-when-.gitmodules-is-a-symlink.patch
  * debian/rules: ensure added tests are executable.

 -- Steve Beattie <email address hidden>  Fri, 01 Jun 2018 23:44:15 -0700

Upload details

Uploaded by:
Steve Beattie
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
vcs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
git_2.7.4.orig.tar.xz 3.7 MiB dee574defbe05ec7356a0842ddbda51315926f2fa7e39c2539f2c3dcc52e457b
git_2.7.4-0ubuntu1.4.debian.tar.xz 517.5 KiB bad59432397385fb7357168d8ec0e1b7bd933f3dbab88e3a8d7df2ca6b907df9
git_2.7.4-0ubuntu1.4.dsc 2.8 KiB 626c3e8fe4667cbdce808bc4ee156db020a1e3aa8c0e9c9b526f6296cd554464

View changes file

Binary packages built by this source

git: fast, scalable, distributed revision control system

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git main components with minimal dependencies.
 Additional functionality, e.g. a graphical user interface and revision
 tree visualizer, tools for interoperating with other VCS's, or a web
 interface, is provided as separate git* packages.

git-all: fast, scalable, distributed revision control system (all subpackages)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This is a dummy package which brings in all subpackages.

git-arch: fast, scalable, distributed revision control system (arch interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides tools for importing development history from arch
 repositories.

git-core: fast, scalable, distributed revision control system (obsolete)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This is a transitional dummy package. The 'git-core' package has been
 renamed to 'git', which has been installed automatically. This
 git-core package is now obsolete, and can safely be removed from the
 system if no other package depends on it.

git-cvs: fast, scalable, distributed revision control system (cvs interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git cvsimport, cvsexportcommit, and cvsserver
 tools, which allow Git to read from and write to CVS repositories and
 offer access over CVS protocol to Git repositories.
 .
 The git cvsimport tool can incrementally import from a repository that
 is being actively developed and only requires remote access over CVS
 protocol. Unfortunately, in many situations the import leads to
 incorrect results. For reliable, one-shot imports, cvs2git from the
 cvs2svn package or parsecvs may be a better fit.

git-daemon-run: fast, scalable, distributed revision control system (git-daemon service)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 git-daemon, as provided by the git package, is a simple server for git
 repositories, ideally suited for read-only updates, i.e. pulling from git
 repositories through the network. This package provides a runit service
 for running git-daemon permanently.

git-daemon-sysvinit: fast, scalable, distributed revision control system (git-daemon service)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 git-daemon, as provided by the git package, is a simple server for git
 repositories, ideally suited for read-only updates, i.e. pulling from git
 repositories through the network. This package provides a sysvinit service
 for running git-daemon permanently.

git-doc: fast, scalable, distributed revision control system (documentation)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the documentation.

git-el: fast, scalable, distributed revision control system (emacs support)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides two modules for integration with Emacs:
 .
  * git.el:
 .
    Status manager that displays the state of all the files of the
    project and provides easy access to the most frequently used git
    commands. The user interface is intended to be similar to the
    pcl-cvs mode. It can be started with `M-x git-status'.
 .
  * git-blame.el:
 .
    Emacs implementation of incremental "git blame". When you turn it
    on while viewing a file, the editor buffer will be updated by
    setting the background of individual lines to a color that reflects
    which commit it comes from.
 .
 This package does not contain the VC-mode backend for git. That is
 part of standard Emacs distributions, starting with version 22.2.
 .
 For a more polished Emacs interface for Git, see the magit package.

git-email: fast, scalable, distributed revision control system (email add-on)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git-send-email program for sending series of
 patch emails.

git-gui: fast, scalable, distributed revision control system (GUI)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the git graphical user interface.
 .
 If aspell is installed, it can check the spelling of commit messages
 as the user types.

git-man: fast, scalable, distributed revision control system (manual pages)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides reference documentation for use by the 'man'
 utility and the 'git help' command.

git-mediawiki: fast, scalable, distributed revision control system (MediaWiki interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the mediawiki remote helper, which allows Git to
 read from and write to a wiki such as Wikipedia as though it were a
 remote Git repository, and a 'git mw' command that can show a preview
 of how wiki markup will be rendered before pushing.

git-svn: fast, scalable, distributed revision control system (svn interoperability)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides tools for interoperating with Subversion repositories,
 and importing SVN development history.

gitk: fast, scalable, distributed revision control system (revision tree visualizer)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package provides the gitk program, a tcl/tk revision tree visualizer.

gitweb: fast, scalable, distributed revision control system (web interface)

 Git is popular version control system designed to handle very large
 projects with speed and efficiency; it is used for many high profile
 open source projects, most notably the Linux kernel.
 .
 Git falls in the category of distributed source code management tools.
 Every Git working directory is a full-fledged repository with full
 revision tracking capabilities, not dependent on network access or a
 central server.
 .
 This package configures a web interface for browsing git repositories.
 .
 If apache2 is installed, the web interface is automatically made
 available at http://localhost/gitweb. Other servers that support CGI
 or mod_perl are supported through manual configuration.
 .
 If libcgi-fast-perl is installed, gitweb can also be run over FastCGI
 (and served by nginx, for example).