Security update: Git v2.30.2-1

public inbox for cygwin-announce@cygwin.com
 help / color / mirror / Atom feed

* Security update: Git v2.30.2-1
@ 2021-03-10 11:24 Adam Dinwoodie
  0 siblings, 0 replies; only message in thread
From: Adam Dinwoodie @ 2021-03-10 11:24 UTC (permalink / raw)
  To: cygwin-announce

Version 2.30.2-1 of Git has been uploaded and should be coming soon to
a mirror near you.

This update fixes CVE-2021-21300: On case-insensitive file systems
with support for symbolic links, if Git is configured globally to
apply delay-capable clean/smudge filters (such as Git LFS), Git could
be fooled into running remote code during a clone.

This update includes the following packages:

- git
- git-cvs
- git-debuginfo
- git-email
- git-gui
- gitk
- git-p4
- git-svn

This is an update to the latest upstream release.

For a full list of the upstream changes in this release, please refer to
the upstream changelogs:

https://git.kernel.org/cgit/git/git.git/tree/Documentation/RelNotes
https://kernel.googlesource.com/pub/scm/git/git.git/+/master/Documentation/RelNotes/
https://github.com/git/git/tree/master/Documentation/RelNotes

Enjoy!

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2021-03-10 11:24 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-10 11:24 Security update: Git v2.30.2-1 Adam Dinwoodie

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).