-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 08 Dec 2019 22:56:16 -0800
Source: git
Binary: git git-all git-cvs git-daemon-run git-daemon-sysvinit git-dbgsym git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb
Architecture: source all amd64
Version: 1:2.20.1-2+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Gerrit Pape <pape@smarden.org>
Changed-By: Jonathan Nieder <jrnieder@gmail.com>
Description:
git - fast, scalable, distributed revision control system
git-all - fast, scalable, distributed revision control system (all subpacka
git-cvs - fast, scalable, distributed revision control system (cvs interope
git-daemon-run - fast, scalable, distributed revision control system (git-daemon s
git-daemon-sysvinit - fast, scalable, distributed revision control system (git-daemon s
git-doc - fast, scalable, distributed revision control system (documentatio
git-el - fast, scalable, distributed revision control system (emacs suppor
git-email - fast, scalable, distributed revision control system (email add-on
git-gui - fast, scalable, distributed revision control system (GUI)
git-man - fast, scalable, distributed revision control system (manual pages
git-mediawiki - fast, scalable, distributed revision control system (MediaWiki re
git-svn - fast, scalable, distributed revision control system (svn interope
gitk - fast, scalable, distributed revision control system (revision tre
gitweb - fast, scalable, distributed revision control system (web interfac
Changes:
git (1:2.20.1-2+deb10u1) buster-security; urgency=high
.
* new upstream point release (see RelNotes/2.20.2.txt).
* Addresses the security issues CVE-2019-1348, CVE-2019-1349,
CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353,
CVE-2019-1354, and CVE-2019-1387.
.
Credit for finding these vulnerabilities goes to Microsoft
Security Response Center, in particular to Nicolas Joly. Fixes
were provided by Jeff King and Johannes Schindelin with help
from Garima Singh.
.
* Addresses CVE-2019-19604, arbitrary code execution via the
"update" field in .gitmodules.
.
Credit for finding this vulnerability goes to Joern
Schneeweisz from GitLab.
Checksums-Sha1:
a996c9cba0dfa51389c8fe4ddef3449597fdc454 2923 git_2.20.1-2+deb10u1.dsc
58dca49db21f4bebf56f8861f15800f1c57c5ee3 5359872 git_2.20.1.orig.tar.xz
34352587f55634b3d97a4fb195c10f3a484a0e5f 632804 git_2.20.1-2+deb10u1.debian.tar.xz
1b9edf69ee54b72f31bc9838ad02be56af7af380 792524 git-all_2.20.1-2+deb10u1_all.deb
43d9a5533acd73c701ce25bd73419618a9c536fc 855532 git-cvs_2.20.1-2+deb10u1_all.deb
45a50d756b4e4b3874b46a165cd28f05b65b4e09 794148 git-daemon-run_2.20.1-2+deb10u1_all.deb
0e6432ad495f7f96e7ac3122dbdfb6ff82985096 795180 git-daemon-sysvinit_2.20.1-2+deb10u1_all.deb
b48e5cd08db5d59d233308b26eac62b571d4937a 45482520 git-dbgsym_2.20.1-2+deb10u1_amd64.deb
70d8a35e6995bdf30883348872078857a1ba0c10 1736832 git-doc_2.20.1-2+deb10u1_all.deb
ae6266f924c835b6d77892c702f7995417edd4db 794904 git-el_2.20.1-2+deb10u1_all.deb
728b5eb81bece206505e14e4f3395a6a789c73b7 816620 git-email_2.20.1-2+deb10u1_all.deb
b2623fe41dcf46f078691af7351e10d3502e8025 1001908 git-gui_2.20.1-2+deb10u1_all.deb
67281f55cf5b9a39f8d5e76b22bfbabd58346f17 1619784 git-man_2.20.1-2+deb10u1_all.deb
3278cdfb2569af544f099138e155af3e577e0a6a 807696 git-mediawiki_2.20.1-2+deb10u1_all.deb
4fdf78eb8978f1720cd893e758f0b9379e5aef8e 866760 git-svn_2.20.1-2+deb10u1_all.deb
44e64ef9bf4edb765abbd4eab445d6d6976e9190 12297 git_2.20.1-2+deb10u1_amd64.buildinfo
4cf56a4e843d85980aa712564c771f9a9b699631 5619704 git_2.20.1-2+deb10u1_amd64.deb
d186269ce3a55d16cd4e7c02f615f3f5e3e09b31 922196 gitk_2.20.1-2+deb10u1_all.deb
6c8bc2ade1bd36d4648961b02bd653fa6950f463 796776 gitweb_2.20.1-2+deb10u1_all.deb
Checksums-Sha256:
d019a11d3826d5dc1f004cfcfeaad392c22cbd86956bca53271252014b0bd874 2923 git_2.20.1-2+deb10u1.dsc
9d2e91e2faa2ea61ba0a70201d023b36f54d846314591a002c610ea2ab81c3e9 5359872 git_2.20.1.orig.tar.xz
3fe13b0b41f04e9029d6f3e396a610ddf79271c285cc8b0b7f644b563b6f1368 632804 git_2.20.1-2+deb10u1.debian.tar.xz
0cef2b15617f9fa197c6d15e968444127c9b50db0cce71d05fd95b3674a0afc1 792524 git-all_2.20.1-2+deb10u1_all.deb
7d0f82e708779736ea3dd90bf43ff05e6d93398f2e5388ebffc5f6290eb313ad 855532 git-cvs_2.20.1-2+deb10u1_all.deb
33922ec3dd34bbb25bc32afdbeced15697f001af43cbb4c9b8429a5b82922a68 794148 git-daemon-run_2.20.1-2+deb10u1_all.deb
a8f63c4701f360303fa1da62cbda0b4a1c6505760019c83a68e64a0179a099b7 795180 git-daemon-sysvinit_2.20.1-2+deb10u1_all.deb
f075e8585505b10ba4c253347aecfa3f2868cea28a3cb04e040bf9aa8ed7f25c 45482520 git-dbgsym_2.20.1-2+deb10u1_amd64.deb
a3f9b8456d758bd09d6949ce1e49d69fff7126a39db5cb162e11aaeb94a12ad4 1736832 git-doc_2.20.1-2+deb10u1_all.deb
62214a3318b0ac0126fbaa5cb8b8765c029d795de7e3674cca3353f6e0cfed9f 794904 git-el_2.20.1-2+deb10u1_all.deb
95141c4084d2f4f1c1715a99ba9fa14308a146cb5a2dec8411cf1c8c5fade3ad 816620 git-email_2.20.1-2+deb10u1_all.deb
26d77a10de5932d5c25eed76a1f9c40994d01f6156780e27b8257f12d4725700 1001908 git-gui_2.20.1-2+deb10u1_all.deb
1eb18ed61e8812bee205b12ff605b76117ce094a337f39e9f3009284eddd6ea1 1619784 git-man_2.20.1-2+deb10u1_all.deb
efdd37960f73b369f599a7f8a7adb1c51026123e6789101aa50e9332fa72fd20 807696 git-mediawiki_2.20.1-2+deb10u1_all.deb
a19faa68c83336619633fa1eb07f4644a324ff81b4dd7cea0c01cb02f203a4fc 866760 git-svn_2.20.1-2+deb10u1_all.deb
56ecfd2adca6d5d58df59830327dba0ca7b919b372b3f4696ca7509ecc02edcf 12297 git_2.20.1-2+deb10u1_amd64.buildinfo
02d1269a1defb84544b89e37b15d5f1363bfbb8df6cbe834f5095282f85d719f 5619704 git_2.20.1-2+deb10u1_amd64.deb
9470594a12946a2e64e2426294e62ef4454080c6ddbeb821eff67c32d2ee372b 922196 gitk_2.20.1-2+deb10u1_all.deb
619de202c6b0bbb02f083dbaf42bd0c4920609fac56c0f3165fd619fb51f8fcb 796776 gitweb_2.20.1-2+deb10u1_all.deb
Files:
810837388e14533bc4a0257a34766716 2923 vcs optional git_2.20.1-2+deb10u1.dsc
5fb4ff92b56ce3172b99c1c74c046c1a 5359872 vcs optional git_2.20.1.orig.tar.xz
a7e53c3dafd41232abe6f139fefcd7c1 632804 vcs optional git_2.20.1-2+deb10u1.debian.tar.xz
c2f8684bc0794996c61a99f8aa5ef018 792524 vcs optional git-all_2.20.1-2+deb10u1_all.deb
63f74cca9bc1cbf0d4721e6f2b0f3f23 855532 vcs optional git-cvs_2.20.1-2+deb10u1_all.deb
1946b6975c153858d22621fe626dfbc3 794148 vcs optional git-daemon-run_2.20.1-2+deb10u1_all.deb
2110a4c53fcce2911bed1b72eb3824ba 795180 vcs optional git-daemon-sysvinit_2.20.1-2+deb10u1_all.deb
c2034567537613e4e1905f1c98cd862c 45482520 debug optional git-dbgsym_2.20.1-2+deb10u1_amd64.deb
ea962e33d662ef2fde1485538040336d 1736832 doc optional git-doc_2.20.1-2+deb10u1_all.deb
32e86cd78a2bb1cc19d8527b55a2bf93 794904 vcs optional git-el_2.20.1-2+deb10u1_all.deb
8d6368f7218e4c2875230dddbd792814 816620 vcs optional git-email_2.20.1-2+deb10u1_all.deb
1d52249a20673f436ae76cf5cb7c89c7 1001908 vcs optional git-gui_2.20.1-2+deb10u1_all.deb
a02450bd9540ee425e930ced6d4ac9ea 1619784 doc optional git-man_2.20.1-2+deb10u1_all.deb
3887b1fe372d1b83bb21f9b1dcf77f16 807696 vcs optional git-mediawiki_2.20.1-2+deb10u1_all.deb
d45de2b08773f8e6075b1fdbc3e16ce1 866760 vcs optional git-svn_2.20.1-2+deb10u1_all.deb
8a58e53519c11696a91ec9e2a612f88f 12297 vcs optional git_2.20.1-2+deb10u1_amd64.buildinfo
7c536cbc387081fededcf9244e1b0f50 5619704 vcs optional git_2.20.1-2+deb10u1_amd64.deb
1d3567c1f97b9e6cfc32fcb77b12b716 922196 vcs optional gitk_2.20.1-2+deb10u1_all.deb
0347c67192a6b8cc6ca7141140aa6a1d 796776 vcs optional gitweb_2.20.1-2+deb10u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQJHBAEBCAAxFiEEUh5Y8X6W1xKqD/EC38Zx7rMz+iUFAl3t/+MTHGpybmllZGVy
QGdtYWlsLmNvbQAKCRDfxnHuszP6JdBZEACMqh4q+Ac0KlQynyKcVFkT/NhB3UR0
hhVACajJR6saVvpc73gwfJX/0cuXHA3oouV6nNCJ1O6mZznVpVmvtc8d9rkj1KNE
sl8dBldtLo3IaiTOsVKAD8xi6DHKgfFnqkDa8FwAfNHDejFD3aJuCnVaEPK448TL
pgIm3fgoV4yAeraYx6fK7E4v9fONdKe9Im8PRdLoj6wBtROHBFFGkf5C890qd8dl
AJWTRokmd8EXOiHwyoYsV17GPz/d1X6g9jbuD2yPWwKf0q9EaRC3+EV+L3rziUux
k65IRjGN8Yl2n1RTynJn+rm+9FDYdyRv9gh5Yib+xlIFiC5PqT3YC3BVJI9SluMC
6U9z65PChUhP6t5nbf5iFOCfZtLKjB+Nsu66OOC7IRXvXLYT7Uvzo5zs+Z0VGvmN
ZKTXzWdxrpWXVkXIR1ZSrTsQOuQ2SO5ru7VVbEM3XrGAiBjLdMaSv2VTLCg5SnX1
kmxCr0kTnvOCYlwnVLiUK+yWO5n1PIZDPOEKpOihjE860g5LgIUkioL8BAbI11a4
DgzB8kYeAwCDAVImvhuqdFTVWYJjslnBtR0FOXclKZFFcgxJnAyokH4kNZIe6Qow
Z6z9WcBFAL0lo7jQbmJ8PyvZb8oBKKuNvaafF5Wb1vI1Bh5qbECLPkvgv9zeeiFn
uAWvEAckhbHDBA==
=HXse
-----END PGP SIGNATURE-----
