home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   linux.debian.changes      Debian changes... like the weather      791 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 35 of 791   
   Debian FTP Masters to All   
   Accepted git 1:2.47.3-0+deb13u1 (source)   
   22 Aug 25 12:50:03   
   
   From: ftpmaster@ftp-master.debian.org   
      
   -----BEGIN PGP SIGNED MESSAGE-----   
   Hash: SHA512   
      
   Format: 1.8   
   Date: Wed, 30 Jul 2025 21:10:52 +0300   
   Source: git   
   Architecture: source   
   Version: 1:2.47.3-0+deb13u1   
   Distribution: trixie   
   Urgency: medium   
   Maintainer: Jonathan Nieder    
   Changed-By: Adrian Bunk    
   Closes: 1108983   
   Changes:   
    git (1:2.47.3-0+deb13u1) trixie; urgency=medium   
    .   
      * Non-maintainer upload.   
      * New upstream release.   
        - CVE-2025-27613: gitk: file creation/truncation after cloning   
          untrusted repository   
        - CVE-2025-27614: gitk: user can be tricked into running any   
          script after cloning untrusted repository   
        - CVE-2025-46835: git-gui: file creation/overwriting after   
          cloning untrusted repository   
        - CVE-2025-48384: script execution after cloning untrusted   
          repository   
        - CVE-2025-48385: protocol injection when fetching   
        - Closes: #1108983   
   Checksums-Sha1:   
    ee3209ec18d30a2cd71330998debf84c51431edc 2702 git_2.47.3-0+deb13u1.dsc   
    408774745b5dadeddcf1e7223201927123e504ea 7657416 git_2.47.3.orig.tar.xz   
    7242067a7c86f70fbd239d3d479a855b0ce320b9 793112 git_2.47.3-0+de   
   13u1.debian.tar.xz   
   Checksums-Sha256:   
    41ee783af84774dfab31ff6af54a07f70513dd09914e2d622626f4dfecae0a86 2702   
   git_2.47.3-0+deb13u1.dsc   
    9c2eb1250781b3e5bfef098572d07fdf132d67e6c065e4307332ade9819a1501 7657416   
   git_2.47.3.orig.tar.xz   
    db44b90ab928d41959f5945a49fcaa101385a4bd085b118b5fd40162a0a84066 793112   
   git_2.47.3-0+deb13u1.debian.tar.xz   
   Files:   
    14b7604dd821e2f027cf46b336f9413b 2702 vcs optional git_2.47.3-0+deb13u1.dsc   
    467860ca61d8840cda3fb10db687f771 7657416 vcs optional git_2.47.3.orig.tar.xz   
    f42dbbc65c6800848bb2aa481e3fd8e4 793112 vcs optional git_2.47.3   
   0+deb13u1.debian.tar.xz   
      
   -----BEGIN PGP SIGNATURE-----   
      
   iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmioOagACgkQiNJCh6LY   
   mLEntA/6A83dw3PrPSwn8BF8B+q/GVsTvYNRU5YfKiYTMdKp+8K3DP8BL15xxRqf   
   jU4EiOfZ29RixiBdwc868qw5xaJEZePmEYTC2oOaAygdzOnyfC9L9yAfHattD8XS   
   COTZs8+12CIYBuvGBMxdudHaMKypk6MRz++zg4Cd7qiP8/w/GflxfXp/vYVZnJF1   
   8E+iPmB/XlwXQkE5wNVbNSEJ9NpWxf1CAKXDe4sALS7kNRwj3Zfqdh6lZXfqspFe   
   xxYjlV2yzzdipohygkyQeBHaT9uT7dIU5UJ6g28gSODy9dZNsWrjAPsFJ9uIicix   
   AtXo1RSHdj1Nax1LU953J6NNUXImpTj8IbTgwaIGeyQo8bi82Lo0vQdX9/pnqIaS   
   bx7lI9cuTtgNaLFN3lAJVfzXLDP+ssr0Op5AL3soWxENLi3jNawctig2rE8Ned3Q   
   7OVz6u3Jv0G44Wfqoa7V+lzcpP0hkYtI4P8OEAB6zoPUrx2maKubSe1k+O+/Uwp3   
   OMbktEeVXE4aIXTPrW0CLVxXqty/A5jF9YXr4vq8Fj3Rg/7NoOnHfvZkwmci/Mm+   
   ubnFGHr+c9vY3ON+ias6hdTLj14MwALJ0hTDCdHdmcTuHOekNuMuK/ciWNcYRFve   
   a2FAhKGtWin0tHFgVfy4vZK3fhkjk+Xii8iQ9Z76JCI6SK+Xr54=   
   =0ZPE   
   -----END PGP SIGNATURE-----   
      
      
   --============== 42491723597690649=Content-Type: application/pgp-signature   
      
   -----BEGIN PGP SIGNATURE-----   
      
   iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaKhKrAAKCRCb9qggYcy5   
   IWB7AQCgkcPrmlEFe8dcDlYo7IA/j3s6lli5dA6lbD/YyR64lwEAuz+S+tgeRbCW   
   AHtz75cwnBQcKh3eMwCPcgBj9ozM8ww=rb7D   
   -----END PGP SIGNATURE-----   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca