rpms/git
6
0
Fork 0
Code Issues Pull Requests Releases Activity

update to 2.40.1 (CVE-2023-25652, CVE-2023-25815, CVE-2023-29007)

Browse Source 
Refer to the release notes for 2.30.9 for details of each CVE as well as
the following security advisories from the git project:

https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx (CVE-2023-25652)
https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844 (CVE-2023-29007)

(At this time there is no upstream advisory for CVE-2023-25815.  This
issue does not affect the Fedora packages as we do not use the runtime
prefix support.)

Release notes:
https://github.com/git/git/raw/v2.30.9/Documentation/RelNotes/2.30.9.txt
https://github.com/git/git/raw/v2.40.1/Documentation/RelNotes/2.40.1.txt
This commit is contained in:
Todd Zullinger 2023-04-25 13:12:02 -04:00
parent 459d08b118
commit b477fc3318
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
git.spec
View File

@ -80,7 +80,7 @@
%global _package_note_file %{_builddir}/%{name}-%{version}%{?rcrev}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld
Name: git
Version: 2.40.0
Version: 2.40.1
Release: 1%{?rcrev}%{?dist}
Summary: Fast Version Control System
License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT
@ -1035,6 +1035,9 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%{?with_docs:%{_pkgdocdir}/git-svn.html}
%changelog
* Tue Apr 25 2023 Todd Zullinger <tmz@pobox.com> - 2.40.1-1
- update to 2.40.1 (CVE-2023-25652, CVE-2023-25815, CVE-2023-29007)
* Mon Mar 13 2023 Todd Zullinger <tmz@pobox.com> - 2.40.0-1
- update to 2.40.0

4
sources
View File

@ -1,2 +1,2 @@
SHA512 (git-2.40.0.tar.xz) = a2720f8f9a0258c0bb5e23badcfd68a147682e45a5d039a42c47128296c508109d5039029db89311a35db97a9008585e84ed11b400846502c9be913d67f0fd90
SHA512 (git-2.40.0.tar.sign) = 30376e2487abb247d32b080b37c008dca59067f94f93769197fc2c096ac6a433598578af852f6b343a18e57587f7ff9eac30899393abae0658d68317a5b2fe65
SHA512 (git-2.40.1.tar.xz) = 9ab41c64c6e666c314683bc4925535e037d43f947b8d327ff7d0379ac12899f4effcc2fe4e47b1ce652ad7140aa4f01f3b99f9cc0cf854cfeface1a5d3e1893e
SHA512 (git-2.40.1.tar.sign) = b8becacee3736bf2f5c661da4d3f86042544717556e8924a4f385c4966886ffe7558ef05bf5ce58c38e404c477b299f952fd83ed249802ddaf6bd4bf9f3885f8