update to 2.21.1

Per the upstream release announcement¹, this release fixes "various
security flaws, which allowed an attacker to overwrite arbitrary paths,
remotely execute code, and/or overwrite files in the .git/ directory
etc.  See the release notes attached for the list for their descriptions
and CVE identifiers."

Refer to the 2.14.6 release notes² for details on these vulnerabilities.

¹ https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
² https://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt
This commit is contained in:
Todd Zullinger 2019-12-10 13:40:55 -05:00
commit 89edc4e1e3
2 changed files with 7 additions and 3 deletions

View file

@ -87,7 +87,7 @@
#global rcrev .rc0
Name: git
Version: 2.21.0
Version: 2.21.1
Release: 1%{?rcrev}%{?dist}
Summary: Fast Version Control System
License: GPLv2
@ -955,6 +955,10 @@ rmdir --ignore-fail-on-non-empty "$testdir"
%{?with_docs:%{_pkgdocdir}/git-svn.html}
%changelog
* Tue Dec 10 2019 Todd Zullinger <tmz@pobox.com> - 2.21.1-1
- update to 2.21.1 (CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351,
CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, and CVE-2019-1387)
* Sun Feb 24 2019 Todd Zullinger <tmz@pobox.com> - 2.21.0-1
- Update to 2.21.0
- Move gitweb manpages to gitweb package

View file

@ -1,2 +1,2 @@
SHA512 (git-2.21.0.tar.xz) = 83f57c3950a07f6773a3aea66611d22daba0e5599e5d8f0751a16f6fdbeab0f3844d942a39a5642051212df99d1d4513253c36829b1454b4f0977cc6026fd973
SHA512 (git-2.21.0.tar.sign) = fbde8164e0c6d5f1447849ab573d5fe6d3585c1c463b75a81ce3f65cba0559cb84a2c63f13663e5c7fe5119e607a304e52cb13183babc40da72421a5c1a5db1b
SHA512 (git-2.21.1.tar.xz) = c4f1930effe4b7cddbdc3a5ea0f1503683089d5dfdae491dd7f752f35b655b31fbef569a993ef412962cf9c74a225eafe095f792d493f37b20789e5c643261a1
SHA512 (git-2.21.1.tar.sign) = c27dc5a4de9ee136cd5a97d7fca7349de7c94c18e809925584c6bf0df9e71325c4d6706f20cae9101d1a8eb437f45cf9d1b4c00689c116a9fba1e36e870ed345