On 05/10/2018 23:22, Klemens Nanni wrote:
> https://marc.info/?l=git&m=153875888916397&w=2
>
> These releases fix a security flaw (CVE-2018-17456), which allowed an
> attacker to execute arbitrary code by crafting a malicious .gitmodules
> file in a project cloned with --recurse-submodules.
>
> OK?
ok benoit@
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/devel/git/Makefile,v
> retrieving revision 1.193
> diff -u -p -r1.193 Makefile
> --- Makefile 13 Sep 2018 05:59:22 -0000 1.193
> +++ Makefile 5 Oct 2018 21:10:09 -0000
> @@ -4,7 +4,7 @@ COMMENT-main = GIT - Tree History Storag
> COMMENT-svn = GIT - subversion interoperability tools
> COMMENT-x11 = GIT - graphical tools
>
> -V = 2.19.0
> +V = 2.19.1
> DISTNAME = git-${V}
> PKGNAME-main = ${DISTNAME}
> PKGNAME-svn = git-svn-${V}
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/devel/git/distinfo,v
> retrieving revision 1.146
> diff -u -p -r1.146 distinfo
> --- distinfo 13 Sep 2018 05:59:22 -0000 1.146
> +++ distinfo 5 Oct 2018 21:10:33 -0000
> @@ -1,4 +1,4 @@
> -SHA256 (git-2.19.0.tar.gz) = 4OGFsZ1ubKpY3eBaGjMhSXddaKmUbydPQaG9fblyz1U=
> -SHA256 (git-manpages-2.19.0.tar.gz) = CC23Rz05ALeD5nHaCU3atZN8VZ9zIagJh6Q5rDzoTfQ=
> -SIZE (git-2.19.0.tar.gz) = 7708477
> -SIZE (git-manpages-2.19.0.tar.gz) = 702323
> +SHA256 (git-2.19.1.tar.gz) = 7E3JZFZhLGW/bZRM7prGQBRexyRTdoMreBywPpfLt5Y=
> +SHA256 (git-manpages-2.19.1.tar.gz) = vSf1jckKZh4wgLlzZetzIr+hhd6VY0/FnZgxGSWn2JQ=
> +SIZE (git-2.19.1.tar.gz) = 7708143
> +SIZE (git-manpages-2.19.1.tar.gz) = 702313
>
No comments:
Post a Comment