Accepted git 1:2.30.2-1+deb11u2 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted git 1:2.30.2-1+deb11u2 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 23 Feb 2023 19:32:26 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: git_2.30.2-1+deb11u2_source.changes
- Debian-source: git
- Debian-suite: proposed-updates
- Debian-version: 1:2.30.2-1+deb11u2
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=55mmpdSIbRCSxp8DXvL+9OQ3xfJVrjXr92v5MpOeO2Y=; b=nxBoD1rIHS/Nau0H2NOydshbl7 7NlxUBzc/eO24JhunBRQ1olwXQabxmDGmDtM2mOh8PmyaxixY5IehrdL6Zav/2AC/bB78OTwHzhVI OIvDXWdLNsRF+xeJ7ZeJM1UWfkeWfk3c/mQcTHINw/AXR0nshhTkHhgUYCibHhZzAhWWEYLn86m1N MV13GxqMK0V/ho3siHy7gvMSI8hMbizhmAIrNp/pJDkQZNSuZ8xP4EXFlwKPcdj4mjcdwsNiK+ayD grmMMX4SlSUlHCqPFVBuhhHObkmWTeYj75ZXjK16hGnx0N41Ty1nhjtN7lo0kBzIoVDwvjsCvRypi H8MkZ9Dw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pVHKM-002L6L-Dv@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 22 Feb 2023 17:51:09 +0800
Source: git
Architecture: source
Version: 1:2.30.2-1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Jonathan Nieder <jrnieder@gmail.com>
Changed-By: Aron Xu <aron@debian.org>
Changes:
git (1:2.30.2-1+deb11u2) bullseye-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2023-22490: data exfiltration while performing local clone from
malicious repository
* CVE-2023-23946: path traversal vulnerbility in git-apply that a path
outside the working tree can be overwritten as the acting user
Checksums-Sha1:
d70cf7b6d7911420705654d67c905be7a625bfbd 2525 git_2.30.2-1+deb11u2.dsc
edacf69b3db1153a083dde7c4f4e58d567a9290b 698392 git_2.30.2-1+deb11u2.debian.tar.xz
4ab4bcb5f3fdd6625b44b1cedc22c091ac01ade7 7429 git_2.30.2-1+deb11u2_source.buildinfo
Checksums-Sha256:
81c919ef1a321ae7c6eb9ecbb29d1c0fc052ffe96d4c8540c04d64cdcc5ed5c6 2525 git_2.30.2-1+deb11u2.dsc
ca456459c18359a34008db6f68cd0f7bf470e3e4eb7093a982b67c51277a0f58 698392 git_2.30.2-1+deb11u2.debian.tar.xz
c118c9d47adbd0d4e58f95696d3d094d2f450730f0b55fd24cebdbad068069ff 7429 git_2.30.2-1+deb11u2_source.buildinfo
Files:
28d001269b7b8b85e55e017dd1d631fe 2525 vcs optional git_2.30.2-1+deb11u2.dsc
311b49f3834c1333bc55c3bc2742200e 698392 vcs optional git_2.30.2-1+deb11u2.debian.tar.xz
aefc9965b634558de2484e07ff46ca65 7429 vcs optional git_2.30.2-1+deb11u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmP16E0ACgkQO1LKKgqv
2VRUtQgAsVpJFEMOxjmXhcHX4QYIF9xjUosic4popvuBvbk+3raflcSkGFCYzIeg
dNmWltgUgwVcWdcA3HjpQ/2FZzGcJINbKJMJtQsVHRQ3Z7f5LQmdECKC8pCDW/Ro
a96ht0qOZF2KpzQMCFFScZv8cc9OqEOMBpkE6ORfa4XZ8qJPc7GOcqDGCecDlh8O
pWAOMi4wHtJxOVCv7qx1YMob2rlx9OTEQ1ldUAq9o9lnPeic22Phkb++3j1SbVeJ
rJx9Bwh+wUzeeGNwFGje1JJU+itgms/vkSzJ+8BGQMEWqdMRGffiQva5T/RLt1Im
EgbLsEwO4bXg71YgiEtiXM0vbhc+cw==
=6MQU
-----END PGP SIGNATURE-----