Per the upstream release announcement¹, this release fixes "various security flaws, which allowed an attacker to overwrite arbitrary paths, remotely execute code, and/or overwrite files in the .git/ directory etc. See the release notes attached for the list for their descriptions and CVE identifiers."
Refer to the 2.14.6 release notes² for details on these vulnerabilities.
¹ https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
² https://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2019-1cec196e20
Please login to add feedback.
This update has been submitted for testing by tmz.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
tmz edited this update.
This update has been pushed to testing.
tmz edited this update.
Works great.
Seems to work great.
Seems to work great.
This update's test gating status has been changed to 'greenwave_failed'.
This update's test gating status has been changed to 'ignored'.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by bodhi.
works fine for me
works fine for me
FEDORA-2019-1cec196e20 ejected from the push because "Cannot find relevant tag for git-2.21.1-1.fc30. None of ['f30-updates', 'f30-updates-pending'] are in ['dist-6E-epel-testing', 'epel7-testing', 'dist-5E-epel-testing', 'f27-modular-updates-testing', 'f30-modular-updates-testing', 'f30-container-updates-testing', 'f30-flatpak-updates-testing', 'f28-modular-updates-testing', 'f28-container-updates-testing', 'epel8-testing', 'f31-modular-updates-testing', 'f32-container-updates-testing', 'f31-container-updates-testing', 'f31-flatpak-updates-testing', 'f29-modular-updates-testing', 'f29-container-updates-testing', 'f29-flatpak-updates-testing', 'f22-updates-testing', 'f21-updates-testing', 'f25-updates-testing', 'f24-updates-testing', 'f23-updates-testing', 'f26-updates-testing', 'f27-updates-testing', 'f30-updates-testing', 'f28-updates-testing', 'f31-updates-testing', 'f32-updates-testing', 'f29-updates-testing', 'epel8-modular-updates-testing']."
This update has been pushed to stable.