Format: 1.8
Date: Fri, 11 Dec 2015 12:48:13 -0500
Source: git
Binary: git git-man git-core git-doc git-arch git-cvs git-svn git-mediawiki git-email git-daemon-run git-daemon-sysvinit git-gui gitk git-el gitweb git-all
Architecture: i386 i386_translations
Version: 1:2.5.0-1ubuntu0.1
Distribution: wily
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-39.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 git        - fast, scalable, distributed revision control system
 git-all    - fast, scalable, distributed revision control system (all subpacka
 git-arch   - fast, scalable, distributed revision control system (arch interop
 git-core   - fast, scalable, distributed revision control system (obsolete)
 git-cvs    - fast, scalable, distributed revision control system (cvs interope
 git-daemon-run - fast, scalable, distributed revision control system (git-daemon s
 git-daemon-sysvinit - fast, scalable, distributed revision control system (git-daemon s
 git-doc    - fast, scalable, distributed revision control system (documentatio
 git-el     - fast, scalable, distributed revision control system (emacs suppor
 git-email  - fast, scalable, distributed revision control system (email add-on
 git-gui    - fast, scalable, distributed revision control system (GUI)
 git-man    - fast, scalable, distributed revision control system (manual pages
 git-mediawiki - fast, scalable, distributed revision control system (MediaWiki in
 git-svn    - fast, scalable, distributed revision control system (svn interope
 gitk       - fast, scalable, distributed revision control system (revision tre
 gitweb     - fast, scalable, distributed revision control system (web interfac
Changes:
 git (1:2.5.0-1ubuntu0.1) wily-security; urgency=medium
 .
   * SECURITY UPDATE: arbitrary code execution issues via URLs
     - debian/diff/0008-CVE-2015-7545-1.patch: add a protocol-whitelist
       environment variable.
     - debian/diff/0009-CVE-2015-7545-2.patch: allow only certain protocols
       for submodule fetches.
     - debian/diff/0010-CVE-2015-7545-3.patch: refactor protocol whitelist
       code.
     - debian/diff/0011-CVE-2015-7545-4.patch: limit redirection to
       protocol-whitelist.
     - debian/diff/0012-CVE-2015-7545-5.patch: limit redirection depth.
     - debian/rules: make new tests executable.
     - CVE-2015-7545
Checksums-Sha1:
 0676256526ec41feec00754f38d713c2bc627a46 3129940 git_2.5.0-1ubuntu0.1_i386.deb
 5401ed73c09b3e08534484d6c1736aec87399fb4 1889701 git_2.5.0-1ubuntu0.1_i386_translations.tar.gz
Checksums-Sha256:
 b5baf366a74efb486461f7155cad2d0db2c7826c5fd11c01d7111882d23443be 3129940 git_2.5.0-1ubuntu0.1_i386.deb
 513a879a1bf2196cf26e23e840b5e1b33cadf8762bc5ad8fd55eeb780aa8a7f4 1889701 git_2.5.0-1ubuntu0.1_i386_translations.tar.gz
Files:
 3783367bd0cc5b6203e9f64640f145b1 3129940 vcs optional git_2.5.0-1ubuntu0.1_i386.deb
 8edf676eb42b5cf0d574f77afdca52ba 1889701 raw-translations - git_2.5.0-1ubuntu0.1_i386_translations.tar.gz
Original-Maintainer: Gerrit Pape <pape@smarden.org>