* [bug#55001] [PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].
@ 2022-04-18 13:42 Zhu Zihao
[not found] ` <handler.55001.B.165028941728102.ack@debbugs.gnu.org>
2022-04-18 15:53 ` [bug#55001] " Greg Hogan
0 siblings, 2 replies; 10+ messages in thread
From: Zhu Zihao @ 2022-04-18 13:42 UTC (permalink / raw)
To: 55001
[-- Attachment #1.1: Type: text/plain, Size: 0 bytes --]
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 255 bytes --]
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-git-Update-to-2.35.2-fixes-CVE-2022-24765.patch --]
[-- Type: text/x-patch, Size: 1620 bytes --]
From c1ced93b4acc56f9a33d10ebed8b1cefc7dc1b9d Mon Sep 17 00:00:00 2001
From: Zhu Zihao <all_but_last@163.com>
Date: Mon, 18 Apr 2022 21:40:19 +0800
Subject: [PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].
See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
* gnu/packages/version-control.scm (git): Update to 2.35.2.
---
gnu/packages/version-control.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index d77c2e51f6..9902483d76 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -221,14 +221,14 @@ (define git-cross-configure-flags
(define-public git
(package
(name "git")
- (version "2.35.1")
+ (version "2.35.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/software/scm/git/git-"
version ".tar.xz"))
(sha256
(base32
- "100h37cpw49pmlpf6lcpm1xi578gllf6y9in60h5mxj3cj754s6p"))))
+ "1wq0wrdg81b324y17fr4jaw5zk2i4fah0f99rhndpsywlm7hqgf7"))))
(build-system gnu-build-system)
(native-inputs
`(("native-perl" ,perl)
@@ -248,7 +248,7 @@ (define-public git
version ".tar.xz"))
(sha256
(base32
- "00rqdj2bc3i7pfc16pciiz50ww41jkqg18iy5hi5jnf0y98sgqz4"))))
+ "1s3fbnl2slwd3b5j2281z8jwypsqydd1n7yg90v7vb369njvmsd0"))))
;; For subtree documentation.
("asciidoc" ,asciidoc)
("docbook-xsl" ,docbook-xsl)
--
2.35.1
[-- Attachment #3: Type: text/plain, Size: 100 bytes --]
--
Retrieve my PGP public key:
gpg --recv-keys D47A9C8B2AE3905B563D9135BE42B352A9F6821F
Zihao
^ permalink raw reply related [flat|nested] 10+ messages in thread
[parent not found: <handler.55001.B.165028941728102.ack@debbugs.gnu.org>]
* [bug#55001] Acknowledgement ([PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].)
[not found] ` <handler.55001.B.165028941728102.ack@debbugs.gnu.org>
@ 2022-04-18 14:23 ` Zhu Zihao
2022-04-18 17:33 ` Greg Hogan
0 siblings, 1 reply; 10+ messages in thread
From: Zhu Zihao @ 2022-04-18 14:23 UTC (permalink / raw)
To: 55001
[-- Attachment #1.1: Type: text/plain, Size: 28 bytes --]
Update to 2.35.3 instead.
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 255 bytes --]
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-git-Update-to-2.35.3-fixes-CVE-2022-24765.patch --]
[-- Type: text/x-patch, Size: 1620 bytes --]
From ecae314a30e43a4d706b68dc3345a2b32303e8fe Mon Sep 17 00:00:00 2001
From: Zhu Zihao <all_but_last@163.com>
Date: Mon, 18 Apr 2022 21:40:19 +0800
Subject: [PATCH] gnu: git: Update to 2.35.3 [fixes CVE-2022-24765].
See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
* gnu/packages/version-control.scm (git): Update to 2.35.3.
---
gnu/packages/version-control.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index d77c2e51f6..1fbfe0b9bd 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -221,14 +221,14 @@ (define git-cross-configure-flags
(define-public git
(package
(name "git")
- (version "2.35.1")
+ (version "2.35.3")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/software/scm/git/git-"
version ".tar.xz"))
(sha256
(base32
- "100h37cpw49pmlpf6lcpm1xi578gllf6y9in60h5mxj3cj754s6p"))))
+ "18hgw3g4vc78nk6lic2sbw0h22bwbh6a0qnb63zrzvgjkd7xps8m"))))
(build-system gnu-build-system)
(native-inputs
`(("native-perl" ,perl)
@@ -248,7 +248,7 @@ (define-public git
version ".tar.xz"))
(sha256
(base32
- "00rqdj2bc3i7pfc16pciiz50ww41jkqg18iy5hi5jnf0y98sgqz4"))))
+ "0973y7g356fjyrqxgvac04g3qhf6fbs3lzpizl1skkri0zh7x357"))))
;; For subtree documentation.
("asciidoc" ,asciidoc)
("docbook-xsl" ,docbook-xsl)
--
2.35.1
[-- Attachment #3: Type: text/plain, Size: 100 bytes --]
--
Retrieve my PGP public key:
gpg --recv-keys D47A9C8B2AE3905B563D9135BE42B352A9F6821F
Zihao
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [bug#55001] Acknowledgement ([PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].)
2022-04-18 14:23 ` [bug#55001] Acknowledgement ([PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].) Zhu Zihao
@ 2022-04-18 17:33 ` Greg Hogan
2022-04-19 9:19 ` [bug#55001] gnu: git: Update to 2.36.0 [fixes CVE-2022-24765] Was: " Zhu Zihao
0 siblings, 1 reply; 10+ messages in thread
From: Greg Hogan @ 2022-04-18 17:33 UTC (permalink / raw)
To: Zhu Zihao; +Cc: 55001
[-- Attachment #1: Type: text/plain, Size: 255 bytes --]
And now git 2.36 has been released.
On Mon, Apr 18, 2022 at 10:25 AM Zhu Zihao <all_but_last@163.com> wrote:
>
> Update to 2.35.3 instead.
>
>
> --
> Retrieve my PGP public key:
>
> gpg --recv-keys D47A9C8B2AE3905B563D9135BE42B352A9F6821F
>
> Zihao
>
[-- Attachment #2: Type: text/html, Size: 570 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* [bug#55001] gnu: git: Update to 2.36.0 [fixes CVE-2022-24765] Was: Acknowledgement ([PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].)
2022-04-18 17:33 ` Greg Hogan
@ 2022-04-19 9:19 ` Zhu Zihao
2022-04-19 14:08 ` Greg Hogan
0 siblings, 1 reply; 10+ messages in thread
From: Zhu Zihao @ 2022-04-19 9:19 UTC (permalink / raw)
To: Greg Hogan; +Cc: 55001
[-- Attachment #1.1: Type: text/plain, Size: 155 bytes --]
Greg Hogan <code@greghogan.com> writes:
> And now git 2.36 has been released.
A new patch that updates to 2.36 is uploaded. Thanks for your mention :)
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 255 bytes --]
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-git-Update-to-2.36.0-fixes-CVE-2022-24765.patch --]
[-- Type: text/x-patch, Size: 1620 bytes --]
From bad9eea70d56ec9ace36f7f62c5ea7c8f3e399a3 Mon Sep 17 00:00:00 2001
From: Zhu Zihao <all_but_last@163.com>
Date: Mon, 18 Apr 2022 21:40:19 +0800
Subject: [PATCH] gnu: git: Update to 2.36.0 [fixes CVE-2022-24765].
See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
* gnu/packages/version-control.scm (git): Update to 2.36.0.
---
gnu/packages/version-control.scm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index d77c2e51f6..ff9c6f7c14 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -221,14 +221,14 @@ (define git-cross-configure-flags
(define-public git
(package
(name "git")
- (version "2.35.1")
+ (version "2.36.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/software/scm/git/git-"
version ".tar.xz"))
(sha256
(base32
- "100h37cpw49pmlpf6lcpm1xi578gllf6y9in60h5mxj3cj754s6p"))))
+ "1ly13j37h1y8bgcj3h0cl43vcpwk9j4gsasssk8gar44cp0vypmg"))))
(build-system gnu-build-system)
(native-inputs
`(("native-perl" ,perl)
@@ -248,7 +248,7 @@ (define-public git
version ".tar.xz"))
(sha256
(base32
- "00rqdj2bc3i7pfc16pciiz50ww41jkqg18iy5hi5jnf0y98sgqz4"))))
+ "0p6vc6nyaibx2lxirjj2nm5spk5q6svz8l3w0pqnaa3i7l7c6qy0"))))
;; For subtree documentation.
("asciidoc" ,asciidoc)
("docbook-xsl" ,docbook-xsl)
--
2.35.1
[-- Attachment #3: Type: text/plain, Size: 100 bytes --]
--
Retrieve my PGP public key:
gpg --recv-keys D47A9C8B2AE3905B563D9135BE42B352A9F6821F
Zihao
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [bug#55001] [PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].
2022-04-18 13:42 [bug#55001] [PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765] Zhu Zihao
[not found] ` <handler.55001.B.165028941728102.ack@debbugs.gnu.org>
@ 2022-04-18 15:53 ` Greg Hogan
2022-04-18 16:02 ` Zhu Zihao
1 sibling, 1 reply; 10+ messages in thread
From: Greg Hogan @ 2022-04-18 15:53 UTC (permalink / raw)
To: Zhu Zihao; +Cc: 55001
[-- Attachment #1: Type: text/plain, Size: 286 bytes --]
Hi Zihao,
Is this not a Windows-only vulnerability and bugfix release (also
CVE-2022-24767)?
Greg
On Mon, Apr 18, 2022 at 9:44 AM Zhu Zihao <all_but_last@163.com> wrote:
>
> --
> Retrieve my PGP public key:
>
> gpg --recv-keys D47A9C8B2AE3905B563D9135BE42B352A9F6821F
>
> Zihao
>
[-- Attachment #2: Type: text/html, Size: 638 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2022-04-27 9:34 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-04-18 13:42 [bug#55001] [PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765] Zhu Zihao
[not found] ` <handler.55001.B.165028941728102.ack@debbugs.gnu.org>
2022-04-18 14:23 ` [bug#55001] Acknowledgement ([PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765].) Zhu Zihao
2022-04-18 17:33 ` Greg Hogan
2022-04-19 9:19 ` [bug#55001] gnu: git: Update to 2.36.0 [fixes CVE-2022-24765] Was: " Zhu Zihao
2022-04-19 14:08 ` Greg Hogan
2022-04-23 4:20 ` Zhu Zihao
2022-04-27 9:33 ` bug#55001: [PATCH] gnu: git: Update to 2.35.2 [fixes CVE-2022-24765] Mathieu Othacehe
2022-04-18 15:53 ` [bug#55001] " Greg Hogan
2022-04-18 16:02 ` Zhu Zihao
2022-04-18 18:03 ` Maxime Devos
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).