stable

git-2.34.3-1.fc34

FEDORA-2022-2fec5f30be created by tmz 2 years ago for Fedora 34

Update to 2.34.3 (release notes)

This release addresses CVE-2022-24765. Per the release announcement:

On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in C:\.git, in a mounted network drive or in a scratch space. Merely having a Git-aware prompt that runs git status (or git diff) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user.

A broad "escape hatch" is available in cases where all the repositories you may enter are considered safe, regardless of their ownership. Quoting another release announcement:

* can be used as the value for the safe.directory variable to signal that the user considers that any directory is safe.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-2fec5f30be

This update has been submitted for testing by tmz.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update's test gating status has been changed to 'passed'.

2 years ago

This update has been pushed to testing.

2 years ago

This update can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for stable by tmz.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago

Automated Test Results