-
git (1:2.5.0-1ubuntu0.2) wily-security; urgency=medium
* SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
execution (LP: #1557787)
- debian/diff/0013-CVE-2016-2315.patch: Be explicit about the amount of
memory being copied
- CVE-2016-2315
* SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
execution
- debian/diff/0014-CVE-2016-2324.patch: Use the correct type and maximum
size checks when calculating string lengths to prevent integer overflow
- CVE-2016-2324
-- Tyler Hicks <email address hidden> Mon, 21 Mar 2016 09:40:02 -0500
-
git (1:2.5.0-1ubuntu0.1) wily-security; urgency=medium
* SECURITY UPDATE: arbitrary code execution issues via URLs
- debian/diff/0008-CVE-2015-7545-1.patch: add a protocol-whitelist
environment variable.
- debian/diff/0009-CVE-2015-7545-2.patch: allow only certain protocols
for submodule fetches.
- debian/diff/0010-CVE-2015-7545-3.patch: refactor protocol whitelist
code.
- debian/diff/0011-CVE-2015-7545-4.patch: limit redirection to
protocol-whitelist.
- debian/diff/0012-CVE-2015-7545-5.patch: limit redirection depth.
- debian/rules: make new tests executable.
- CVE-2015-7545
-- Marc Deslauriers <email address hidden> Fri, 11 Dec 2015 12:48:13 -0500
-
git (1:2.5.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.5.0.txt).
-- Jonathan Nieder <email address hidden> Tue, 28 Jul 2015 10:47:13 -0700
-
git (1:2.4.6-1) unstable; urgency=medium
* new upstream release (see RelNotes/2.[234].*.txt).
* debian/rules: use install-html target for git-subtree docs
(see #768795).
* gitweb: Pre-Depends: dpkg 1.16.1 for -noawait support.
* gitweb.apache2.conf: make configuration conditional on MIME
support (thx Uwe Storbeck; closes: #775236).
-- Jonathan Nieder <email address hidden> Tue, 21 Jul 2015 12:08:09 -0700
-
git (1:2.1.4-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Use interest-noawait triggers for gitweb to avoid a
trigger cycle. (Closes: #774607)
-- Niels Thykier <email address hidden> Mon, 02 Feb 2015 19:42:37 +0100
