From a5e5a352fef879bbc8b0efc1e50f2c94ca4069ad Mon Sep 17 00:00:00 2001 From: Petr Stodulka Date: Wed, 29 Mar 2017 13:28:22 +0200 Subject: [PATCH] Resolves: CVE-2014-9938 do not put unsanitized branch names in $PS1 --- 0007-git-prompt.patch | 53 +++++++++++++++++++++++++++++++++++++++++++ git.spec | 9 +++++++- 2 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 0007-git-prompt.patch diff --git a/0007-git-prompt.patch b/0007-git-prompt.patch new file mode 100644 index 0000000..a179403 --- /dev/null +++ b/0007-git-prompt.patch @@ -0,0 +1,53 @@ +From 7e546ae76da784185ba9515ed86e435ba17fdd65 Mon Sep 17 00:00:00 2001 +From: Petr Stodulka +Date: Wed, 29 Mar 2017 13:08:28 +0200 +Subject: [PATCH] git-prompt.sh: don't put unsanitized branch names in $PS1 + +--- + contrib/completion/git-prompt.sh | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/contrib/completion/git-prompt.sh b/contrib/completion/git-prompt.sh +index eaf5c36..2c872e5 100644 +--- a/contrib/completion/git-prompt.sh ++++ b/contrib/completion/git-prompt.sh +@@ -360,8 +360,11 @@ __git_ps1 () + fi + + local f="$w$i$s$u" ++ b=${b##refs/heads/} + if [ $pcmode = yes ]; then + local gitstring= ++ __git_ps1_branch_name=$b ++ b="\${__git_ps1_branch_name}" + if [ -n "${GIT_PS1_SHOWCOLORHINTS-}" ]; then + local c_red='\e[31m' + local c_green='\e[32m' +@@ -371,7 +374,7 @@ __git_ps1 () + local ok_color=$c_green + local branch_color="$c_clear" + local flags_color="$c_lblue" +- local branchstring="$c${b##refs/heads/}" ++ local branchstring="$c$b" + + if [ $detached = no ]; then + branch_color="$ok_color" +@@ -400,13 +403,13 @@ __git_ps1 () + fi + gitstring="$gitstring\[$c_clear\]$r$p" + else +- gitstring="$c${b##refs/heads/}${f:+ $f}$r$p" ++ gitstring="$c$b${f:+ $f}$r$p" + fi + gitstring=$(printf -- "$printf_format" "$gitstring") + PS1="$ps1pc_start$gitstring$ps1pc_end" + else + # NO color option unless in PROMPT_COMMAND mode +- printf -- "$printf_format" "$c${b##refs/heads/}${f:+ $f}$r$p" ++ printf -- "$printf_format" "$c$b${f:+ $f}$r$p" + fi + fi + } +-- +2.5.5 + diff --git a/git.spec b/git.spec index 41c3be9..5cd6728 100644 --- a/git.spec +++ b/git.spec @@ -44,7 +44,7 @@ Name: git Version: 1.8.2.3 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Fast Version Control System License: GPLv2 Group: Development/Tools @@ -73,6 +73,8 @@ Patch10: 0004-http-limit-redirection-to-protocol-whitelist.patch Patch11: 0005-http-limit-redirection-depth.patch # CVE-2016-2315 / CVE-2016-2324 Patch12: 0001-Fix-CVE-2016-2315-CVE-2016-2324.patch +# CVE-2014-9938 +Patch13: 0007-git-prompt.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -286,6 +288,7 @@ Requires: emacs-git = %{version}-%{release} %patch10 -p1 %patch11 -p1 %patch12 -p1 +%patch13 -p1 %if %{use_prebuilt_docs} mkdir -p prebuilt_docs/{html,man} @@ -577,6 +580,10 @@ rm -rf %{buildroot} # No files for you! %changelog +* Wed Mar 29 2017 Petr Stodulka - 1.8.2.3-2 +- do not put unsanitized branch names in $PS1 + Resolves: CVE-2014-9938 + * Mon Apr 18 2016 Todd Zullinger - 1.8.2.3-1 - Update to 1.8.2.3 - Apply Petr's fix for CVE-2016-2315 CVE-2016-2324 from el6 (#1318252)