import UBI git-2.43.7-1.el8_10

.git.metadata

@@ -1,2 +1,2 @@
-7577a22e233e892dba5cf19a3a57cef2062d01e6 SOURCES/git-2.43.5.tar.sign
+ee5544e5682b2dd8bc7cfe0cf8952eb4f04a308f SOURCES/git-2.43.7.tar.sign
-31decef72034ae36c8098a9e6bb13a7dd4859fd9 SOURCES/git-2.43.5.tar.xz
+4034a9389fe34767a272d7085e9e7d93fb5ff18f SOURCES/git-2.43.7.tar.xz

.gitignore

@@ -1,2 +1,2 @@
-SOURCES/git-2.43.5.tar.sign
+SOURCES/git-2.43.7.tar.sign
-SOURCES/git-2.43.5.tar.xz
+SOURCES/git-2.43.7.tar.xz

SOURCES/git-2.43.5-sanitize-sideband-channel-messages.patch

@@ -0,0 +1,219 @@
+From 13bb730859857c97f298e9a8c7b68fe00074b3d0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= <opohorel@redhat.com>
+Date: Thu, 3 Apr 2025 14:46:53 +0200
+Subject: [PATCH] Adds the option to sanitize sideband channel messages
+
+CVE-2024-52005 wasn't fixed by upstream. This patch adds the option
+to harden Git against it.
+The default behaviour of Git remains unchanged.
+
+Changes are taken from Git for Windows. The only differences are that
+by default we are allowing all control characters, the documentation
+reflects it and one of the tests has to be invoked with a config
+change: `sideband.allowControlCharacters=color`
+
+These commits can also be seen in this upstream PR:
+https://github.com/gitgitgadget/git/pull/1853
+---
+ Documentation/config.txt            |  2 +
+ Documentation/config/sideband.txt   | 16 ++++++
+ sideband.c                          | 78 ++++++++++++++++++++++++++++-
+ t/t5409-colorize-remote-messages.sh | 30 +++++++++++
+ 4 files changed, 124 insertions(+), 2 deletions(-)
+ create mode 100644 Documentation/config/sideband.txt
+
+diff --git a/Documentation/config.txt b/Documentation/config.txt
+index e3a74dd1c1..5b8bbdee82 100644
+--- a/Documentation/config.txt
++++ b/Documentation/config.txt
+@@ -513,6 +513,8 @@ include::config/sequencer.txt[]
+ 
+ include::config/showbranch.txt[]
+ 
++include::config/sideband.txt[]
++
+ include::config/sparse.txt[]
+ 
+ include::config/splitindex.txt[]
+diff --git a/Documentation/config/sideband.txt b/Documentation/config/sideband.txt
+new file mode 100644
+index 0000000000..1adc831667
+--- /dev/null
++++ b/Documentation/config/sideband.txt
+@@ -0,0 +1,16 @@
++sideband.allowControlCharacters::
++	By default, control characters that are delivered via the sideband
++	are NOT masked. Use this config setting to prevent potentially
++	unwanted ANSI escape sequences from being sent to the terminal:
+++
++--
++	color::
++		Allow ANSI color sequences, line feeds and horizontal tabs,
++		but mask all other control characters.
++	false::
++		Mask all control characters other than line feeds and
++		horizontal tabs.
++	true::
++		Allow all control characters to be sent to the terminal.
++        This is the default.
++--
+\ No newline at end of file
+diff --git a/sideband.c b/sideband.c
+index 266a67342b..316a401a5d 100644
+--- a/sideband.c
++++ b/sideband.c
+@@ -23,6 +23,12 @@ static struct keyword_entry keywords[] = {
+ 	{ "error",	GIT_COLOR_BOLD_RED },
+ };
+ 
++static enum {
++	ALLOW_NO_CONTROL_CHARACTERS = 0,
++	ALLOW_ALL_CONTROL_CHARACTERS = 1,
++	ALLOW_ANSI_COLOR_SEQUENCES = 2
++} allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS;
++
+ /* Returns a color setting (GIT_COLOR_NEVER, etc). */
+ static int use_sideband_colors(void)
+ {
+@@ -36,6 +42,25 @@ static int use_sideband_colors(void)
+ 	if (use_sideband_colors_cached >= 0)
+ 		return use_sideband_colors_cached;
+ 
++	switch (git_config_get_maybe_bool("sideband.allowcontrolcharacters", &i)) {
++	case 0: /* Boolean value */
++		allow_control_characters = i ? ALLOW_ALL_CONTROL_CHARACTERS :
++			ALLOW_NO_CONTROL_CHARACTERS;
++		break;
++	case -1: /* non-Boolean value */
++		if (git_config_get_string_tmp("sideband.allowcontrolcharacters",
++							&value))
++			; /* huh? `get_maybe_bool()` returned -1 */
++		else if (!strcmp(value, "color"))
++			allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES;
++		else
++			warning(_("unrecognized value for `sideband."
++					"allowControlCharacters`: '%s'"), value);
++		break;
++	default:
++		break; /* not configured */
++	}
++
+ 	if (!git_config_get_string(key, &value)) {
+ 		use_sideband_colors_cached = git_config_colorbool(key, value);
+ 	} else if (!git_config_get_string("color.ui", &value)) {
+@@ -64,6 +89,55 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref
+ 		list_config_item(list, prefix, keywords[i].keyword);
+ }
+ 
++static int handle_ansi_color_sequence(struct strbuf *dest, const char *src, int n)
++{
++	int i;
++
++	/*
++	 * Valid ANSI color sequences are of the form
++	 *
++	 * ESC [ [<n> [; <n>]*] m
++	 */
++
++	if (allow_control_characters != ALLOW_ANSI_COLOR_SEQUENCES ||
++	    n < 3 || src[0] != '\x1b' || src[1] != '[')
++		return 0;
++
++	for (i = 2; i < n; i++) {
++		if (src[i] == 'm') {
++			strbuf_add(dest, src, i + 1);
++			return i;
++		}
++		if (!isdigit(src[i]) && src[i] != ';')
++			break;
++	}
++
++	return 0;
++}
++
++static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n)
++{
++	int i;
++
++	if (allow_control_characters == ALLOW_ALL_CONTROL_CHARACTERS) {
++			strbuf_add(dest, src, n);
++			return;
++		}
++	
++	strbuf_grow(dest, n);
++	for (; n && *src; src++, n--) {
++		if (!iscntrl(*src) || *src == '\t' || *src == '\n')
++			strbuf_addch(dest, *src);
++		else if ((i = handle_ansi_color_sequence(dest, src, n))) {
++				src += i;
++				n -= i;
++		} else {
++			strbuf_addch(dest, '^');
++			strbuf_addch(dest, 0x40 + *src);
++		}
++	}
++}
++
+ /*
+  * Optionally highlight one keyword in remote output if it appears at the start
+  * of the line. This should be called for a single line only, which is
+@@ -79,7 +153,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n)
+ 	int i;
+ 
+ 	if (!want_color_stderr(use_sideband_colors())) {
+-		strbuf_add(dest, src, n);
++		strbuf_add_sanitized(dest, src, n);
+ 		return;
+ 	}
+ 
+@@ -112,7 +186,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n)
+ 		}
+ 	}
+ 
+-	strbuf_add(dest, src, n);
++	strbuf_add_sanitized(dest, src, n);
+ }
+ 
+ 
+diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh
+index fa5de4500a..3b5ff00363 100755
+--- a/t/t5409-colorize-remote-messages.sh
++++ b/t/t5409-colorize-remote-messages.sh
+@@ -98,4 +98,34 @@ test_expect_success 'fallback to color.ui' '
+ 	grep "<BOLD;RED>error<RESET>: error" decoded
+ '
+ 
++test_expect_success 'disallow (color) control sequences in sideband' '
++	write_script .git/color-me-surprised <<-\EOF &&
++	printf "error: Have you \\033[31mread\\033[m this?\\a\\n" >&2
++	exec "$@"
++	EOF
++	test_config_global uploadPack.packObjectshook ./color-me-surprised &&
++	test_commit need-at-least-one-commit &&
++	git -c sideband.allowControlCharacters=color \
++		clone --no-local . throw-away 2>stderr &&
++	test_decode_color <stderr >decoded &&
++	test_grep RED decoded &&
++	test_grep "\\^G" stderr &&
++	tr -dc "\\007" <stderr >actual &&
++	test_must_be_empty actual &&
++
++	rm -rf throw-away &&
++	git -c sideband.allowControlCharacters=false \
++		clone --no-local . throw-away 2>stderr &&
++	test_decode_color <stderr >decoded &&
++	test_grep ! RED decoded &&
++	test_grep "\\^G" stderr &&
++
++	rm -rf throw-away &&
++	git -c sideband.allowControlCharacters clone --no-local . throw-away 2>stderr &&
++	test_decode_color <stderr >decoded &&
++	test_grep RED decoded &&
++	tr -dc "\\007" <stderr >actual &&
++	test_file_not_empty actual
++'
++
+ test_done
+-- 
+2.49.0
+

SOURCES/git-2.43.7-t-avoid-git-config-syntax-from-newer-releases.patch

@@ -0,0 +1,59 @@
+From 428c9241c6918f52ac22fb8e83ce7c736a2f5e00 Mon Sep 17 00:00:00 2001
+From: Todd Zullinger <tmz@pobox.com>
+Date: Tue, 8 Jul 2025 17:05:27 -0400
+Subject: [PATCH] t: avoid git config syntax from newer releases
+
+In a recent security release, 05e9cd64ee (config: quote values
+containing CR character, 2025-05-19) added calls to `git config get`,
+`git config set`, and `git config unset` which are not present on the
+maint-2.43 branch.
+
+These subcommands were added in the following commits, released in
+git-2.46.0:
+
+  4e51389000 (builtin/config: introduce "get" subcommand, 2024-05-06),
+  00bbdde141 (builtin/config: introduce "set" subcommand, 2024-05-06),
+  95ea69c67b (builtin/config: introduce "unset" subcommand, 2024-05-06)
+
+Revert to the previous `git config` syntax for older maintenance
+branches.
+
+Signed-off-by: Todd Zullinger <tmz@pobox.com>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+---
+ t/t1300-config.sh           | 4 ++--
+ t/t7450-bad-git-dotfiles.sh | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/t/t1300-config.sh b/t/t1300-config.sh
+index 1010410b7e2926..baf9b4823111d5 100755
+--- a/t/t1300-config.sh
++++ b/t/t1300-config.sh
+@@ -2595,8 +2595,8 @@ test_expect_success 'writing value with trailing CR not stripped on read' '
+ 
+ 	printf "bar\r\n" >expect &&
+ 	git init cr-test &&
+-	git -C cr-test config set core.foo $(printf "bar\r") &&
+-	git -C cr-test config get core.foo >actual &&
++	git -C cr-test config core.foo $(printf "bar\r") &&
++	git -C cr-test config --get core.foo >actual &&
+ 
+ 	test_cmp expect actual
+ '
+diff --git a/t/t7450-bad-git-dotfiles.sh b/t/t7450-bad-git-dotfiles.sh
+index 20262855664a97..d1546e3311b27f 100755
+--- a/t/t7450-bad-git-dotfiles.sh
++++ b/t/t7450-bad-git-dotfiles.sh
+@@ -362,10 +362,10 @@ test_expect_success SYMLINKS,!WINDOWS,!MINGW 'submodule must not checkout into d
+ 	git -C repo mv sub $(printf "sub\r") &&
+ 
+ 	# Ensure config values containing CR are wrapped in quotes.
+-	git config unset -f repo/.gitmodules submodule.sub.path &&
++	git config --unset -f repo/.gitmodules submodule.sub.path &&
+ 	printf "\tpath = \"sub\r\"\n" >>repo/.gitmodules &&
+ 
+-	git config unset -f repo/.git/modules/sub/config core.worktree &&
++	git config --unset -f repo/.git/modules/sub/config core.worktree &&
+ 	{
+ 		printf "[core]\n" &&
+ 		printf "\tworktree = \"../../../sub\r\"\n"

SPECS/git.spec

@@ -92,8 +92,8 @@
 #global rcrev   .rc0
 
 Name:           git
-Version:        2.43.5
+Version:        2.43.7
-Release:        2%{?rcrev}%{?dist}
+Release:        1%{?rcrev}%{?dist}
 Summary:        Fast Version Control System
 License:        GPLv2
 URL:            https://git-scm.com/
@@ -143,6 +143,18 @@ Patch5:         0003-t-lib-git-svn-try-harder-to-find-a-port.patch
 # https://github.com/git/git/commit/2386535511d1181afd4e892e2a866ffe5e1d7d21
 Patch6:         git-2.43.0-slow-shallow-clones.patch
 
+# Adds the option to sanitize sideband channel messages
+# CVE-2024-52005 wasn't fixed by upstream. This patch adds the option to harden Git against it.
+# The default behaviour of Git remains unchanged.
+#
+# https://github.com/gitgitgadget/git/pull/1853
+Patch7:         git-2.43.5-sanitize-sideband-channel-messages.patch
+
+# t: avoid git config syntax from newer releases
+#
+# https://github.com/git/git/commit/428c9241c6918f52ac22fb8e83ce7c736a2f5e00
+Patch8:         git-2.43.7-t-avoid-git-config-syntax-from-newer-releases.patch
+
 %if %{with docs}
 # pod2man is needed to build Git.3pm
 BuildRequires:  %{_bindir}/pod2man
@@ -1104,6 +1116,14 @@ rmdir --ignore-fail-on-non-empty "$testdir"
 %{?with_docs:%{_pkgdocdir}/git-svn.html}
 
 %changelog
+* Fri Jul 11 2025 Ondřej Pohořelský <opohorel@redhat.com> - 2.43.7-1
+- update to 2.43.7
+- Resolves: RHEL-102440, RHEL-102454, RHEL-102674, RHEL-102680
+
+* Fri Apr 04 2025 Ondřej Pohořelský <opohorel@redhat.com> - 2.43.5-3
+- add the option to sanitize sideband channel messages
+- Resolves: RHEL-74177
+
 * Fri Nov 15 2024 Ondřej Pohořelský <opohorel@redhat.com> - 2.43.5-2
 - Sync version with the hotfix branch
 - Related: RHEL-64984