* [PATCH 1/1] git: update to v2.7.4 @ 2016-03-17 21:27 list 2016-03-18 20:49 ` peter 0 siblings, 1 reply; 6+ messages in thread From: list @ 2016-03-17 21:27 UTC (permalink / raw) From: Christian Hesse <mail at eworm.de> Update to git version v2.7.4, no changes required. Signed-off-by: Christian Hesse <mail at eworm.de> --- Makefile | 2 +- git | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index c01701c..87d82b6 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ htmldir = $(docdir) pdfdir = $(docdir) mandir = $(prefix)/share/man SHA1_HEADER = <openssl/sha.h> -GIT_VER = 2.7.2 +GIT_VER = 2.7.4 GIT_URL = https://www.kernel.org/pub/software/scm/git/git-$(GIT_VER).tar.gz INSTALL = install COPYTREE = cp -r diff --git a/git b/git index 326e5bc..937978e 160000 --- a/git +++ b/git @@ -1 +1 @@ -Subproject commit 326e5bc91eecf73234ead29636207bc516573e79 +Subproject commit 937978e0f3e750d917768c77665d5f8cfbd802b6 -- 2.7.3 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/1] git: update to v2.7.4 2016-03-17 21:27 [PATCH 1/1] git: update to v2.7.4 list @ 2016-03-18 20:49 ` peter 2016-03-18 22:21 ` Jason 0 siblings, 1 reply; 6+ messages in thread From: peter @ 2016-03-18 20:49 UTC (permalink / raw) On Thu, Mar 17, 2016 at 10:27:02PM +0100, Christian Hesse wrote: > Update to git version v2.7.4, no changes required. Could you tag a new cgit version based on this commit? git v2.7.4 resolves multiple vulnerabilities: https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.7.4.txt Peter ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/1] git: update to v2.7.4 2016-03-18 20:49 ` peter @ 2016-03-18 22:21 ` Jason 2016-05-31 22:11 ` peter 0 siblings, 1 reply; 6+ messages in thread From: Jason @ 2016-03-18 22:21 UTC (permalink / raw) Yes, I'll try to get that done this weekend. ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/1] git: update to v2.7.4 2016-03-18 22:21 ` Jason @ 2016-05-31 22:11 ` peter 2016-06-01 4:39 ` Jason 0 siblings, 1 reply; 6+ messages in thread From: peter @ 2016-05-31 22:11 UTC (permalink / raw) On Fri, Mar 18, 2016 at 11:21:56PM +0100, Jason A. Donenfeld wrote: > Yes, I'll try to get that done this weekend. Any chance you could tag a new release in June? The latest cgit release (0.12) still contains a git version (2.7.0) with known security vulnerabilities. Thanks, Peter ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/1] git: update to v2.7.4 2016-05-31 22:11 ` peter @ 2016-06-01 4:39 ` Jason 2016-06-01 9:01 ` john 0 siblings, 1 reply; 6+ messages in thread From: Jason @ 2016-06-01 4:39 UTC (permalink / raw) Does that vuln apply to our usage of libgit? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.zx2c4.com/pipermail/cgit/attachments/20160601/63628501/attachment.html> ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/1] git: update to v2.7.4 2016-06-01 4:39 ` Jason @ 2016-06-01 9:01 ` john 0 siblings, 0 replies; 6+ messages in thread From: john @ 2016-06-01 9:01 UTC (permalink / raw) On Wed, Jun 01, 2016 at 01:39:01PM +0900, Jason A. Donenfeld wrote: > Does that vuln apply to our usage of libgit? Yes, I think CVE-2016-2315 affects anything that uses libgit's tree reading code. ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2016-06-01 9:01 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2016-03-17 21:27 [PATCH 1/1] git: update to v2.7.4 list 2016-03-18 20:49 ` peter 2016-03-18 22:21 ` Jason 2016-05-31 22:11 ` peter 2016-06-01 4:39 ` Jason 2016-06-01 9:01 ` john
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).