From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-announce-resender@sourceware.org>
Received: from localhost.localdomain (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 763D13857363
 for <cygwin@cygwin.com>; Thu, 14 Apr 2022 13:01:53 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 5135B3858C2C
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=dinwoodie.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=dinwoodie.org
Date: Thu, 14 Apr 2022 14:01:21 +0100
From: Adam Dinwoodie <adam@dinwoodie.org>
To: cygwin@cygwin.com
Subject: [ANNOUNCEMENT] Security update: Git v2.35.3-1
Message-Id: <announce.20220414130121.czttrtehqw2ylwy6@lucy.dinwoodie.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS,
 KAM_NUMSUBJECT, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: cygwin-announce@cygwin.com
X-Mailman-Version: 2.1.29
Reply-To: cygwin@cygwin.com
Errors-To: cygwin-announce-bounces+cygwin-announce-resender=cygwin.com@cygwin.com
X-Mailer: Perl5 Mail::Internet v2.20
Sender: Kernel Overflow User <cygwin-announce-resender@sourceware.org>
X-BeenThere: cygwin@cygwin.com
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
X-List-Received-Date: Thu, 14 Apr 2022 13:01:53 -0000

Version 2.35.3-1 of Git has been uploaded and should be coming soon to a
mirror near you.

This is an update to the latest upstream release; it contains two fixes,
one improving the security of yesterday's security fix for
CVE-2022-24765, and one improving the usability of that fix:

> * The code that was meant to parse the new `safe.directory`
>   configuration variable was not checking what configuration
>   variable was being fed to it, which has been corrected.
>
> * '*' can be used as the value for the `safe.directory` variable to
>   signal that the user considers that any directory is safe.

This update includes the following patches:

- git
- git-cvs
- git-debuginfo
- git-email
- git-gui
- gitk
- git-p4
- git-svn

As ever, the full upstream changelogs are available with the source package, or
at:

https://git.kernel.org/cgit/git/git.git/tree/Documentation/RelNotes
https://github.com/git/git/tree/master/Documentation/RelNotes

Enjoy!