-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 25 Sep 2017 18:23:18 -0700
Source: git
Binary: git git-man git-core git-doc git-cvs git-svn git-mediawiki git-email git-daemon-run git-daemon-sysvinit git-gui gitk git-el gitweb git-all
Architecture: source all amd64
Version: 1:2.14.2-1
Distribution: unstable
Urgency: high
Maintainer: Gerrit Pape <pape@smarden.org>
Changed-By: Jonathan Nieder <jrnieder@gmail.com>
Description:
git - fast, scalable, distributed revision control system
git-all - fast, scalable, distributed revision control system (all subpacka
git-core - fast, scalable, distributed revision control system (obsolete)
git-cvs - fast, scalable, distributed revision control system (cvs interope
git-daemon-run - fast, scalable, distributed revision control system (git-daemon s
git-daemon-sysvinit - fast, scalable, distributed revision control system (git-daemon s
git-doc - fast, scalable, distributed revision control system (documentatio
git-el - fast, scalable, distributed revision control system (emacs suppor
git-email - fast, scalable, distributed revision control system (email add-on
git-gui - fast, scalable, distributed revision control system (GUI)
git-man - fast, scalable, distributed revision control system (manual pages
git-mediawiki - fast, scalable, distributed revision control system (MediaWiki re
git-svn - fast, scalable, distributed revision control system (svn interope
gitk - fast, scalable, distributed revision control system (revision tre
gitweb - fast, scalable, distributed revision control system (web interfac
Changes:
git (1:2.14.2-1) unstable; urgency=high
.
* new upstream point release (see RelNotes/2.14.1.txt). Among other
changes, this fixes a remote shell command execution vulnerability
via CVS protocol:
- git-shell: drop cvsserver support by default
- git-cvsserver: harden backtick captures against user input
.
Thanks to joernchen of Phenoelit for discovering, reporting, and
fixing this vulnerability, and to Junio C Hamano and Jeff King for
the fixes to related issues.
Checksums-Sha1:
8b0184f8569068febb01eb9d846aeac699df0e22 2845 git_2.14.2-1.dsc
9515fd4a068027f2c3d6ea9b8a8a298e990123a0 4800208 git_2.14.2.orig.tar.xz
54e263609d5ecb671d570cd8b17b2d78a6f513fe 546660 git_2.14.2-1.debian.tar.xz
b4e91395eda99ac247fb26237c63d09bba737785 712622 git-all_2.14.2-1_all.deb
25ac844a7aa5573a2bf14862a0f88ebb5079d726 1408 git-core_2.14.2-1_all.deb
ab1ffda4035b3f765d4519a9cb0d9f08e1f6a26b 775826 git-cvs_2.14.2-1_all.deb
145ed9deaaabe58d0373f8ab8501881203436b5e 714218 git-daemon-run_2.14.2-1_all.deb
3b7c0dfe8c8139b604a6c15716c4cc5657ab7148 715390 git-daemon-sysvinit_2.14.2-1_all.deb
62293f6395df09a42615f5a0147fb08d3a1542c9 31919580 git-dbgsym_2.14.2-1_amd64.deb
865902cb1361c239b302f64aa919c03a0ef7f990 1588498 git-doc_2.14.2-1_all.deb
12e78a0d72da9a8742a6393451fd1a2bdab870cc 732202 git-el_2.14.2-1_all.deb
24e5818579aa0922bee7cf677db0203512708fb6 736260 git-email_2.14.2-1_all.deb
9b93c1a02b03cfe1f589655f7282fae8f1a68c2f 921320 git-gui_2.14.2-1_all.deb
6cfd73dcd78c680d98ba8d7b06647324f0db7694 1494852 git-man_2.14.2-1_all.deb
3dbf38f7b43d8b2fe0fe3238791d869a3d61bc4e 728296 git-mediawiki_2.14.2-1_all.deb
9e006c0ecc88d9c0061219f07470606906bb0aaf 798510 git-svn_2.14.2-1_all.deb
ad5fb3accfdcabf64d30f1f55e0352fcc1eb3fcf 10686 git_2.14.2-1_amd64.buildinfo
27dd5556e97672d8ca1fe51e1d91b53f59ed93b0 4408370 git_2.14.2-1_amd64.deb
203fdeaf8f655589d950fae36a383636e6ef4ce3 843002 gitk_2.14.2-1_all.deb
fe2af792021e4804c4f0030a8d3019edb79a1ed6 716886 gitweb_2.14.2-1_all.deb
Checksums-Sha256:
0fa137a90497970e94c05c3bccb5cb93d23a2fa27543456cb5db50c9492c45ce 2845 git_2.14.2-1.dsc
50e9723996114ad1eec4dda89960d9fe34461749ae42031008a261fedd03c7a1 4800208 git_2.14.2.orig.tar.xz
b150a25b6bde086fe4bb10ebe5f90f81e5c075d3fcd8aebe8ce50bdbf3ed5c3d 546660 git_2.14.2-1.debian.tar.xz
1c02c8aa25b910cddd32fc1b055ef921823ce4b39fe86df947e10b5fdc2e0fa5 712622 git-all_2.14.2-1_all.deb
d321de453ecd4d8e37fd5ac1d5be44f5395aff5922e4b5236082ba8f06cd5cf7 1408 git-core_2.14.2-1_all.deb
220ecc5ed5e578a4452f6d9ae116d0516e70a767425e6eb698742caa81f2bf5c 775826 git-cvs_2.14.2-1_all.deb
a829150ea88d8f7146bc7e85ee525c0f1af07b7b42b11a835f79839159202ba5 714218 git-daemon-run_2.14.2-1_all.deb
d4228fadeecbd200f7e33cee5221ba98dcf770819d346611effaa5e36bca468c 715390 git-daemon-sysvinit_2.14.2-1_all.deb
a92074f03a9ae64eff37c815efeaa367156c457d0f91bb3fb2602c9a72c7a79a 31919580 git-dbgsym_2.14.2-1_amd64.deb
48200b1b1d586ebd983101dea55a2329932fe001aaa6f480d11d9d481f6e04f2 1588498 git-doc_2.14.2-1_all.deb
f92902605c14f48c358d8bd5c94dadae35f04ef30e963ee6e137c3040ddd3384 732202 git-el_2.14.2-1_all.deb
8f46390623cd0d3a7d27c1a716d1045f61a8ee92d9a4c010ab092834d2855216 736260 git-email_2.14.2-1_all.deb
b36f2abd1d94b4d7220cd98b63c063af15ff2f50dc53c75b6d5c48f5e389ed8e 921320 git-gui_2.14.2-1_all.deb
1c71324d5c355a3afa0cd12b3e4e4043645a5f3244327f8f2049be5aa804bc0a 1494852 git-man_2.14.2-1_all.deb
27873cb5e2fbd89ec88f69d3c6f55d7888bff115c5ee99617c28c6b9224124fa 728296 git-mediawiki_2.14.2-1_all.deb
0a4ca04dee3c18fa56b7385002a108484b0a4f6f4b0cdd52290e432af9e00d1a 798510 git-svn_2.14.2-1_all.deb
855bbe1747e6b3883faa6c202ea020caf13f140b41d1788c5a94f2bc37aaee3c 10686 git_2.14.2-1_amd64.buildinfo
4af9540f2b4ea5812c8fe98103f4fc34d437efae5cbc1a6cb4e860314233101d 4408370 git_2.14.2-1_amd64.deb
a070addc85f695645d3ef9250ea96f09f0a24ee499c364b924aac4913b18b8bd 843002 gitk_2.14.2-1_all.deb
4d757c19dd97ce959cb969de1d6b19f7025765651603c211944181ba9003b970 716886 gitweb_2.14.2-1_all.deb
Files:
22b1d7662e718f29a800238440c2e50b 2845 vcs optional git_2.14.2-1.dsc
694dd05c8d82b1444ee54c6dbebb1250 4800208 vcs optional git_2.14.2.orig.tar.xz
b7ecff1260ad87ed73edfd7578c40324 546660 vcs optional git_2.14.2-1.debian.tar.xz
5ca6306e10731c3e719ba96b3ace6dac 712622 vcs optional git-all_2.14.2-1_all.deb
090e8baeef2f79f31dbf55c87d995fb0 1408 vcs optional git-core_2.14.2-1_all.deb
51b1f7931992f9868e6544fa6e1a1391 775826 vcs optional git-cvs_2.14.2-1_all.deb
a99a90f4cc415eda3eb2f24d1c168172 714218 vcs optional git-daemon-run_2.14.2-1_all.deb
c956a8cb9d44de212ddace65ba77a050 715390 vcs optional git-daemon-sysvinit_2.14.2-1_all.deb
b33da04a98d1e57297f7a50f9d7fed2a 31919580 debug optional git-dbgsym_2.14.2-1_amd64.deb
df0487ae6a05dd2476cec835cdb2876c 1588498 doc optional git-doc_2.14.2-1_all.deb
3960164f6500c5f36ffe678310416bf0 732202 vcs optional git-el_2.14.2-1_all.deb
58f6dd471fa4eb843719559573bc9ba4 736260 vcs optional git-email_2.14.2-1_all.deb
cd5e17e2be28219332be8d6d0cf7df74 921320 vcs optional git-gui_2.14.2-1_all.deb
17a741b2fef4f1918cc7ad28a4ac15ce 1494852 doc optional git-man_2.14.2-1_all.deb
ccd3482c008868e5eb27316be65774b7 728296 vcs optional git-mediawiki_2.14.2-1_all.deb
b47e607a34979b8160d5ee6b7753e930 798510 vcs optional git-svn_2.14.2-1_all.deb
796a08296d43ea9828553ea11a5e2777 10686 vcs optional git_2.14.2-1_amd64.buildinfo
c15ed17eb214e00f1209b074f7ebf758 4408370 vcs optional git_2.14.2-1_amd64.deb
3f6e9858a284c26193126246bd784893 843002 vcs optional gitk_2.14.2-1_all.deb
fb57dbec48160fd840ef794a49bce21c 716886 vcs optional gitweb_2.14.2-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJZyfJlAAoJEN/Gce6zM/olmh0P/j2i3wB996LTBQ7JmShBvljd
JwPxevF/atbG563w3OB4jcwLpMRxmrmVAk256o2QAywKOPqRTij62vguTg/chBSY
63k6e2e8YJoWU6V5zyBFt7Y+9Xt3JSJswXXxRnjCL/8wtDAUfOu/bxDB46ZLafiq
oUA+Ye0du3i3pGCROESEue2v3JmKFDchI6CMKFLbl5x9nEcGmxWo3pJnGX+UcQqd
BbW6yl/JMysTkqPgHwz9dGjliP4F0jjVdbx3x/6MYZxfsDKW51PtpmZTtHmy/zX4
H3WRRvLFhWomtBPyrqINLAl+c5MRG2Snigf3M/hQcY1bTyslao6b4eEPefgXKPX6
t6375WuZRxmHxIGtM+KlP69oKfrJg8QdNa0keUHiZ8w5U1dmsE/m4diQOahzgBhd
JxHsu0YstZLPHfPhgo19cNAb2NOSAWc4ecpvWaeqJImOQQ83WZ1HTMlFyuQzmCzu
LrU8Cu3usMqyLMpPCtMKGwp+AVLMl/DUlWzQT2XzUgKrVykSAHX/CgWPPuoemNG0
ZspeVoJug/ZgMS7UWjnRAU8GGcTGHQI7THMG5blT1cFkpbdWOXstOS4ZoeuSqDV3
uZiuJP09utUJEUKR1GzXLpgr7L8Rz69sD7Zc05oTTSgC7NE5XrgwIFnLG/F3yMNv
eX+BCv0+u6fg8FJuubI9
=Qv6W
-----END PGP SIGNATURE-----
