diff --git a/backport-CVE-2024-50349-credential-sanitize-the-user-prompt.patch b/backport-CVE-2024-50349-credential-sanitize-the-user-prompt.patch index 74d21406157999d3cf2e3d53779d333fe0906f84..d84011186b2f643e38780af721804cd4ee80ecfa 100644 --- a/backport-CVE-2024-50349-credential-sanitize-the-user-prompt.patch +++ b/backport-CVE-2024-50349-credential-sanitize-the-user-prompt.patch @@ -106,7 +106,7 @@ index 935b28a7..0364d436 100644 +#define CREDENTIAL_INIT { \ + .helpers = STRING_LIST_INIT_DUP, \ + .sanitize_prompt = 1, \ -+}; ++} /* Initialize a credential structure, setting all fields to empty. */ void credential_init(struct credential *); diff --git a/backport-CVE-2024-52006-credential-disallow-Carriage-Returns-in-the-protocol.patch b/backport-CVE-2024-52006-credential-disallow-Carriage-Returns-in-the-protocol.patch index c973f85e5b6965c0f7bfe57e361e31c94d2a32f8..69eb534f245b42c56298885017f6a7523fba23f0 100644 --- a/backport-CVE-2024-52006-credential-disallow-Carriage-Returns-in-the-protocol.patch +++ b/backport-CVE-2024-52006-credential-disallow-Carriage-Returns-in-the-protocol.patch @@ -126,7 +126,7 @@ index 0364d436..2c0b39a9 100644 .helpers = STRING_LIST_INIT_DUP, \ .sanitize_prompt = 1, \ + .protect_protocol = 1, \ - }; + } /* Initialize a credential structure, setting all fields to empty. */ diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh diff --git a/git.spec b/git.spec index eea8551d6dfa3f457103628fb2e32191efa23122..b73efbabb69f158ffecd304aa0f9154835321726 100644 --- a/git.spec +++ b/git.spec @@ -1,7 +1,7 @@ %global gitexecdir %{_libexecdir}/git-core Name: git Version: 2.27.0 -Release: 22 +Release: 23 Summary: A popular and widely used Version Control System License: GPLv2+ or LGPLv2.1 URL: https://git-scm.com/ @@ -329,6 +329,12 @@ make %{?_smp_mflags} test %{_mandir}/man7/git*.7.* %changelog +* Thu Jan 23 2025 fuanan - 2.27.0-23 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:fix syntax error + * Fri Jan 17 2025 fuanan - 2.27.0-22 - Type:CVE - ID:CVE-2024-52005