From 716550b90ac02764311b615f80b9af6cbb821f43 Mon Sep 17 00:00:00 2001 From: Yanko Kaneti Date: Wed, 5 Feb 2025 17:10:11 +0200 Subject: [PATCH 01/22] Keep gitk on tcl/tk 8.x until its ready for 9 --- git.spec | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/git.spec b/git.spec index 01250b4..b3c5c65 100644 --- a/git.spec +++ b/git.spec @@ -79,7 +79,7 @@ Name: git Version: 2.48.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -429,7 +429,9 @@ Summary: Git repository browser BuildArch: noarch Requires: git = %{version}-%{release} Requires: git-gui = %{version}-%{release} -Requires: tk >= 8.4 +# Keep gitk on tcl/tk 8.x until its ready for 9 (also see below in config.mk) +# https://github.com/j6t/gitk/issues/5 +Requires: tk8 >= 8.4 %description -n gitk %{summary}. @@ -587,6 +589,10 @@ gitwebdir = %{_localstatedir}/www/git DEFAULT_TEST_TARGET = prove GIT_PROVE_OPTS = --verbose --normalize %{?_smp_mflags} --formatter=TAP::Formatter::File GIT_TEST_OPTS = -x --verbose-log + +# Keep gitk on tcl/tk 8.x until its ready for 9 (see more above in gitk requires) +TCLTK_PATH = wish8 +TCL_PATH = tclsh8 EOF # Filter bogus perl requires @@ -1040,6 +1046,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Feb 6 2025 Yanko Kaneti - 2.48.1-3 +- Keep gitk on tcl/tk 8.x until its ready for 9 + * Thu Jan 16 2025 Fedora Release Engineering - 2.48.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild From c32b31fe4f76087ff8b67c27388b3dcf04fddb88 Mon Sep 17 00:00:00 2001 From: Yanko Kaneti Date: Wed, 5 Feb 2025 17:10:11 +0200 Subject: [PATCH 02/22] Keep gitk on tcl/tk 8.x until its ready for 9 --- git.spec | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/git.spec b/git.spec index 01250b4..b3c5c65 100644 
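Review bot: The `TCLTK_PATH = wish8` and `TCL_PATH = tclsh8` lines added to config.mk in the `@@ -587,6 +589,10 @@` hunk are build-wide settings, not gitk-only ones, because Git's Makefile passes both variables to the git-gui build as well as the gitk build. Only gitk's dependency is switched to `Requires: tk8 >= 8.4` here, and git-gui's own `Requires:` line is outside these hunks, so git-gui may end up with a `wish8` interpreter line while still depending on plain `tk`. If that is the case, git-gui needs the same `tk8` requirement, and the comment should read `# Keep gitk and git-gui on tcl/tk 8.x ...`. The same applies to the identical hunk in PATCH 02/22.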
--- a/git.spec +++ b/git.spec @@ -79,7 +79,7 @@ Name: git Version: 2.48.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -429,7 +429,9 @@ Summary: Git repository browser BuildArch: noarch Requires: git = %{version}-%{release} Requires: git-gui = %{version}-%{release} -Requires: tk >= 8.4 +# Keep gitk on tcl/tk 8.x until its ready for 9 (also see below in config.mk) +# https://github.com/j6t/gitk/issues/5 +Requires: tk8 >= 8.4 %description -n gitk %{summary}. @@ -587,6 +589,10 @@ gitwebdir = %{_localstatedir}/www/git DEFAULT_TEST_TARGET = prove GIT_PROVE_OPTS = --verbose --normalize %{?_smp_mflags} --formatter=TAP::Formatter::File GIT_TEST_OPTS = -x --verbose-log + +# Keep gitk on tcl/tk 8.x until its ready for 9 (see more above in gitk requires) +TCLTK_PATH = wish8 +TCL_PATH = tclsh8 EOF # Filter bogus perl requires @@ -1040,6 +1046,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Feb 6 2025 Yanko Kaneti - 2.48.1-3 +- Keep gitk on tcl/tk 8.x until its ready for 9 + * Thu Jan 16 2025 Fedora Release Engineering - 2.48.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild From 9a2fecfe2e676dc896cb02242d9b29b5643ce460 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Mon, 17 Mar 2025 15:37:51 +0100 Subject: [PATCH 03/22] update to 2.49.0 --- git.spec | 45 +++++++++++++++++++++++++++++---------------- sources | 4 ++-- 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/git.spec b/git.spec index b3c5c65..b19d845 100644 --- a/git.spec +++ b/git.spec 
@@ -78,8 +78,8 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.48.1 -Release: 3%{?dist} +Version: 2.49.0 +Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -538,7 +538,7 @@ install -p -m 755 %{SOURCE99} print-failed-test-output # Remove git-archimport sed -i '/^SCRIPT_PERL += git-archimport\.perl$/d' Makefile sed -i '/^git-archimport/d' command-list.txt -rm git-archimport.perl Documentation/git-archimport.txt +rm git-archimport.perl Documentation/git-archimport.adoc %if %{without cvs} # Remove git-cvs* from command list @@ -615,7 +615,7 @@ sed -i 's@"++GITWEB_HOME_LINK_STR++"@$ENV{"SERVER_NAME"} ? "git://" . $ENV{"SERV # Move contrib/{contacts,subtree} docs to Documentation so they build with the # proper asciidoc/docbook/xmlto options -mv contrib/{contacts,subtree}/git-*.txt Documentation/ +mv contrib/{contacts,subtree}/git-*.adoc Documentation/ %build # Improve build reproducibility @@ -782,7 +782,7 @@ grep -E "$not_core_re" bin-man-doc-files > bin-man-doc-git-files # contrib not_core_doc_re="(git-(cvs|gui|citool|daemon|instaweb|subtree))|p4|svn|email|gitk|gitweb" mkdir -p %{buildroot}%{_pkgdocdir}/ -cp -pr CODE_OF_CONDUCT.md README.md Documentation/*.txt Documentation/RelNotes contrib %{buildroot}%{_pkgdocdir}/ +cp -pr CODE_OF_CONDUCT.md README.md Documentation/*.adoc Documentation/RelNotes contrib %{buildroot}%{_pkgdocdir}/ # Remove contrib/ files/dirs which have nothing useful for documentation rm -rf %{buildroot}%{_pkgdocdir}/contrib/{contacts,credential}/ cp -p gitweb/INSTALL %{buildroot}%{_pkgdocdir}/INSTALL.gitweb 
@@ -874,6 +874,16 @@ GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5300.1[02348] t5300.2[03459] t5300.30 t5300.4[5 %endif # endif rhel == 8 && arch == s390x +%if "%{_arch}" == "s390x" +# Skip tests which fail on s390x +# +# The following tests are failing on s390x. +# https://lore.kernel.org/git/Z8dIZmscTdi8dZAY@teonanacatl.net/ +# +# t5620.4 'do partial clone 2, backfill min batch size' +GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5620.4" +%endif +# endif "%{_arch}" == "s390x" export GIT_SKIP_TESTS # Set LANG so various UTF-8 tests are run @@ -959,7 +969,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %if %{with cvs} %files cvs -%{_pkgdocdir}/*git-cvs*.txt +%{_pkgdocdir}/*git-cvs*.adoc %{_bindir}/git-cvsserver %{gitexecdir}/*cvs* %{?with_docs:%{_mandir}/man1/*cvs*.1*} @@ -968,7 +978,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" # endif with cvs %files daemon -%{_pkgdocdir}/git-daemon*.txt +%{_pkgdocdir}/git-daemon*.adoc %{_unitdir}/git.socket %config(noreplace) %{_unitdir}/git@.service %{gitexecdir}/git-daemon @@ -977,13 +987,13 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-daemon*.html} %files email -%{_pkgdocdir}/*email*.txt +%{_pkgdocdir}/*email*.adoc %{gitexecdir}/*email* %{?with_docs:%{_mandir}/man1/*email*.1*} %{?with_docs:%{_pkgdocdir}/*email*.html} %files -n gitk -%{_pkgdocdir}/*gitk*.txt +%{_pkgdocdir}/*gitk*.adoc %{_bindir}/*gitk* %{_datadir}/gitk %{bash_completions_dir}/gitk @@ -992,7 +1002,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files -n gitweb %{_pkgdocdir}/*.gitweb -%{_pkgdocdir}/gitweb*.txt +%{_pkgdocdir}/gitweb*.adoc %{?with_docs:%{_mandir}/man1/gitweb.1*} %{?with_docs:%{_mandir}/man5/gitweb.conf.5*} %{?with_docs:%{_pkgdocdir}/gitweb*.html} 
@@ -1005,8 +1015,8 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{gitexecdir}/git-citool %{_datadir}/applications/*git-gui.desktop %{_datadir}/git-gui/ -%{_pkgdocdir}/git-gui.txt -%{_pkgdocdir}/git-citool.txt +%{_pkgdocdir}/git-gui.adoc +%{_pkgdocdir}/git-citool.adoc %{?with_docs:%{_mandir}/man1/git-gui.1*} %{?with_docs:%{_pkgdocdir}/git-gui.html} %{?with_docs:%{_mandir}/man1/git-citool.1*} @@ -1014,7 +1024,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files instaweb %{gitexecdir}/git-instaweb -%{_pkgdocdir}/git-instaweb.txt +%{_pkgdocdir}/git-instaweb.adoc %{?with_docs:%{_mandir}/man1/git-instaweb.1*} %{?with_docs:%{_pkgdocdir}/git-instaweb.html} @@ -1022,7 +1032,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files p4 %{gitexecdir}/*p4* %{gitexecdir}/mergetools/p4merge -%{_pkgdocdir}/*p4*.txt +%{_pkgdocdir}/*p4*.adoc %{?with_docs:%{_mandir}/man1/*p4*.1*} %{?with_docs:%{_pkgdocdir}/*p4*.html} %endif @@ -1035,17 +1045,20 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files subtree %{gitexecdir}/git-subtree -%{_pkgdocdir}/git-subtree.txt +%{_pkgdocdir}/git-subtree.adoc %{?with_docs:%{_mandir}/man1/git-subtree.1*} %{?with_docs:%{_pkgdocdir}/git-subtree.html} %files svn %{gitexecdir}/git-svn -%{_pkgdocdir}/git-svn.txt +%{_pkgdocdir}/git-svn.adoc %{?with_docs:%{_mandir}/man1/git-svn.1*} %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Mon Mar 17 2025 Ondřej Pohořelský - 2.49.0-1 +- update to 2.49.0 + * Thu Feb 6 2025 Yanko Kaneti - 2.48.1-3 - Keep gitk on tcl/tk 8.x until its ready for 9 diff --git a/sources b/sources index d6bf8a9..25bd2d3 100644 --- a/sources +++ b/sources 
@@ -1,2 +1,2 @@ -SHA512 (git-2.48.1.tar.xz) = 75c89ab4ca83adc46989a4b05a9b482b40a7ba69d15aa1c1f27d0cee37c2908e154a75d59b0a0a540647352b9c55020f1a5ad309f0eff78e9fd8e631ef9e4606 -SHA512 (git-2.48.1.tar.sign) = 6d2308a71970940288137df76122ac402d1e5fdd2250fce5e6d4681d68b630bcfc109e56e4539598c6b5113024c78a25193d3b8d38c39ee547a37c1d8b2f4d15 +SHA512 (git-2.49.0.tar.xz) = 81a16415890305fc6cfd14ade8bee76779feba01f51c5446f40c14211654342c68ef0911859fa6e8e9ff0a718847bb44ee4156d03a19c9165df19ba91e09e1f0 +SHA512 (git-2.49.0.tar.sign) = e956f83ee0973295ec608aa6ab1df11992d8fc10f1702a0cdbf849f7659d94666fe714f60a7b4aeeed064bc49e1345791e3d8b0a867c075544eb48f01b84fd27 From 98e46f1051db75a45cba51f587d38f62d08e3de0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Mon, 17 Mar 2025 15:37:51 +0100 Subject: [PATCH 04/22] update to 2.49.0 --- git.spec | 45 +++++++++++++++++++++++++++++---------------- sources | 4 ++-- 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/git.spec b/git.spec index b3c5c65..b19d845 100644 --- a/git.spec +++ b/git.spec @@ -78,8 +78,8 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.48.1 -Release: 3%{?dist} +Version: 2.49.0 +Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -538,7 +538,7 @@ install -p -m 755 %{SOURCE99} print-failed-test-output # Remove git-archimport sed -i '/^SCRIPT_PERL += git-archimport\.perl$/d' Makefile sed -i '/^git-archimport/d' command-list.txt -rm git-archimport.perl Documentation/git-archimport.txt +rm git-archimport.perl Documentation/git-archimport.adoc %if %{without cvs} # Remove git-cvs* from command list 
@@ -615,7 +615,7 @@ sed -i 's@"++GITWEB_HOME_LINK_STR++"@$ENV{"SERVER_NAME"} ? "git://" . $ENV{"SERV # Move contrib/{contacts,subtree} docs to Documentation so they build with the # proper asciidoc/docbook/xmlto options -mv contrib/{contacts,subtree}/git-*.txt Documentation/ +mv contrib/{contacts,subtree}/git-*.adoc Documentation/ %build # Improve build reproducibility @@ -782,7 +782,7 @@ grep -E "$not_core_re" bin-man-doc-files > bin-man-doc-git-files # contrib not_core_doc_re="(git-(cvs|gui|citool|daemon|instaweb|subtree))|p4|svn|email|gitk|gitweb" mkdir -p %{buildroot}%{_pkgdocdir}/ -cp -pr CODE_OF_CONDUCT.md README.md Documentation/*.txt Documentation/RelNotes contrib %{buildroot}%{_pkgdocdir}/ +cp -pr CODE_OF_CONDUCT.md README.md Documentation/*.adoc Documentation/RelNotes contrib %{buildroot}%{_pkgdocdir}/ # Remove contrib/ files/dirs which have nothing useful for documentation rm -rf %{buildroot}%{_pkgdocdir}/contrib/{contacts,credential}/ cp -p gitweb/INSTALL %{buildroot}%{_pkgdocdir}/INSTALL.gitweb @@ -874,6 +874,16 @@ GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5300.1[02348] t5300.2[03459] t5300.30 t5300.4[5 %endif # endif rhel == 8 && arch == s390x +%if "%{_arch}" == "s390x" +# Skip tests which fail on s390x +# +# The following tests are failing on s390x. +# https://lore.kernel.org/git/Z8dIZmscTdi8dZAY@teonanacatl.net/ +# +# t5620.4 'do partial clone 2, backfill min batch size' +GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5620.4" +%endif +# endif "%{_arch}" == "s390x" export GIT_SKIP_TESTS # Set LANG so various UTF-8 tests are run @@ -959,7 +969,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %if %{with cvs} %files cvs -%{_pkgdocdir}/*git-cvs*.txt +%{_pkgdocdir}/*git-cvs*.adoc %{_bindir}/git-cvsserver %{gitexecdir}/*cvs* %{?with_docs:%{_mandir}/man1/*cvs*.1*} 
@@ -968,7 +978,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" # endif with cvs %files daemon -%{_pkgdocdir}/git-daemon*.txt +%{_pkgdocdir}/git-daemon*.adoc %{_unitdir}/git.socket %config(noreplace) %{_unitdir}/git@.service %{gitexecdir}/git-daemon @@ -977,13 +987,13 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-daemon*.html} %files email -%{_pkgdocdir}/*email*.txt +%{_pkgdocdir}/*email*.adoc %{gitexecdir}/*email* %{?with_docs:%{_mandir}/man1/*email*.1*} %{?with_docs:%{_pkgdocdir}/*email*.html} %files -n gitk -%{_pkgdocdir}/*gitk*.txt +%{_pkgdocdir}/*gitk*.adoc %{_bindir}/*gitk* %{_datadir}/gitk %{bash_completions_dir}/gitk @@ -992,7 +1002,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files -n gitweb %{_pkgdocdir}/*.gitweb -%{_pkgdocdir}/gitweb*.txt +%{_pkgdocdir}/gitweb*.adoc %{?with_docs:%{_mandir}/man1/gitweb.1*} %{?with_docs:%{_mandir}/man5/gitweb.conf.5*} %{?with_docs:%{_pkgdocdir}/gitweb*.html} @@ -1005,8 +1015,8 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{gitexecdir}/git-citool %{_datadir}/applications/*git-gui.desktop %{_datadir}/git-gui/ -%{_pkgdocdir}/git-gui.txt -%{_pkgdocdir}/git-citool.txt +%{_pkgdocdir}/git-gui.adoc +%{_pkgdocdir}/git-citool.adoc %{?with_docs:%{_mandir}/man1/git-gui.1*} %{?with_docs:%{_pkgdocdir}/git-gui.html} %{?with_docs:%{_mandir}/man1/git-citool.1*} @@ -1014,7 +1024,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files instaweb %{gitexecdir}/git-instaweb -%{_pkgdocdir}/git-instaweb.txt +%{_pkgdocdir}/git-instaweb.adoc %{?with_docs:%{_mandir}/man1/git-instaweb.1*} %{?with_docs:%{_pkgdocdir}/git-instaweb.html} @@ -1022,7 +1032,7 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files p4 %{gitexecdir}/*p4* %{gitexecdir}/mergetools/p4merge -%{_pkgdocdir}/*p4*.txt +%{_pkgdocdir}/*p4*.adoc %{?with_docs:%{_mandir}/man1/*p4*.1*} %{?with_docs:%{_pkgdocdir}/*p4*.html} %endif 
@@ -1035,17 +1045,20 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files subtree %{gitexecdir}/git-subtree -%{_pkgdocdir}/git-subtree.txt +%{_pkgdocdir}/git-subtree.adoc %{?with_docs:%{_mandir}/man1/git-subtree.1*} %{?with_docs:%{_pkgdocdir}/git-subtree.html} %files svn %{gitexecdir}/git-svn -%{_pkgdocdir}/git-svn.txt +%{_pkgdocdir}/git-svn.adoc %{?with_docs:%{_mandir}/man1/git-svn.1*} %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Mon Mar 17 2025 Ondřej Pohořelský - 2.49.0-1 +- update to 2.49.0 + * Thu Feb 6 2025 Yanko Kaneti - 2.48.1-3 - Keep gitk on tcl/tk 8.x until its ready for 9 diff --git a/sources b/sources index d6bf8a9..25bd2d3 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.48.1.tar.xz) = 75c89ab4ca83adc46989a4b05a9b482b40a7ba69d15aa1c1f27d0cee37c2908e154a75d59b0a0a540647352b9c55020f1a5ad309f0eff78e9fd8e631ef9e4606 -SHA512 (git-2.48.1.tar.sign) = 6d2308a71970940288137df76122ac402d1e5fdd2250fce5e6d4681d68b630bcfc109e56e4539598c6b5113024c78a25193d3b8d38c39ee547a37c1d8b2f4d15 +SHA512 (git-2.49.0.tar.xz) = 81a16415890305fc6cfd14ade8bee76779feba01f51c5446f40c14211654342c68ef0911859fa6e8e9ff0a718847bb44ee4156d03a19c9165df19ba91e09e1f0 +SHA512 (git-2.49.0.tar.sign) = e956f83ee0973295ec608aa6ab1df11992d8fc10f1702a0cdbf849f7659d94666fe714f60a7b4aeeed064bc49e1345791e3d8b0a867c075544eb48f01b84fd27 From a0b3d1a02bfce4c9462e90e3c093b81dbbdd9e81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Mon, 24 Mar 2025 11:47:14 +0100 Subject: [PATCH 05/22] Adds the option to sanitize sideband channel messages CVE-2024-52005 wasn't fixed by upstream. This patch adds the option to harden Git against it. The default behaviour of Git remains unchanged. --- ...9-sanitize-sideband-channel-messages.patch | 471 ++++++++++++++++++ git.spec | 12 +- 2 files changed, 482 insertions(+), 1 deletion(-) create mode 100644 git-2.49-sanitize-sideband-channel-messages.patch 
diff --git a/git-2.49-sanitize-sideband-channel-messages.patch b/git-2.49-sanitize-sideband-channel-messages.patch new file mode 100644 index 0000000..f3be95a --- /dev/null +++ b/git-2.49-sanitize-sideband-channel-messages.patch 
@@ -0,0 +1,471 @@ +From 328ff864183cdd0a4b779b5b88a3271b39a1b1a2 Mon Sep 17 00:00:00 2001 +From: Johannes Schindelin +Date: Wed, 6 Nov 2024 20:34:50 +0100 +Subject: [PATCH 1/4] sideband: mask control characters + +The output of `git clone` is a vital component for understanding what +has happened when things go wrong. However, these logs are partially +under the control of the remote server (via the "sideband", which +typically contains what the remote `git pack-objects` process sends to +`stderr`), and is currently not sanitized by Git. + +This makes Git susceptible to ANSI escape sequence injection (see +CWE-150, https://cwe.mitre.org/data/definitions/150.html), which allows +attackers to corrupt terminal state, to hide information, and even to +insert characters into the input buffer (i.e. as if the user had typed +those characters). + +To plug this vulnerability, disallow any control character in the +sideband, replacing them instead with the common `^` +(e.g. `^[` for `\x1b`, `^A` for `\x01`). + +There is likely a need for more fine-grained controls instead of using a +"heavy hammer" like this, which will be introduced subsequently. 
+ +Signed-off-by: Johannes Schindelin +--- + sideband.c | 17 +++++++++++++++-- + t/t5409-colorize-remote-messages.sh | 12 ++++++++++++ + 2 files changed, 27 insertions(+), 2 deletions(-) + +diff --git a/sideband.c b/sideband.c +index 251e9615ed..81b1ff0805 100644 +--- a/sideband.c ++++ b/sideband.c +@@ -66,6 +66,19 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref + list_config_item(list, prefix, keywords[i].keyword); + } + ++static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) ++{ ++ strbuf_grow(dest, n); ++ for (; n && *src; src++, n--) { ++ if (!iscntrl(*src) || *src == '\t' || *src == '\n') ++ strbuf_addch(dest, *src); ++ else { ++ strbuf_addch(dest, '^'); ++ strbuf_addch(dest, 0x40 + *src); ++ } ++ } ++} ++ + /* + * Optionally highlight one keyword in remote output if it appears at the start + * of the line. This should be called for a single line only, which is +@@ -81,7 +94,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n) + int i; + + if (!want_color_stderr(use_sideband_colors())) { +- strbuf_add(dest, src, n); ++ strbuf_add_sanitized(dest, src, n); + return; + } + +@@ -114,7 +127,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n) + } + } + +- strbuf_add(dest, src, n); ++ strbuf_add_sanitized(dest, src, n); + } + + +diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh +index fa5de4500a..d0745c391b 100755 +--- a/t/t5409-colorize-remote-messages.sh ++++ b/t/t5409-colorize-remote-messages.sh +@@ -98,4 +98,16 @@ test_expect_success 'fallback to color.ui' ' + grep "error: error" decoded + ' + ++test_expect_success 'disallow (color) control sequences in sideband' ' ++ write_script .git/color-me-surprised <<-\EOF && ++ printf "error: Have you \\033[31mread\\033[m this?\\n" >&2 ++ exec "$@" ++ EOF ++ test_config_global uploadPack.packObjectshook ./color-me-surprised && ++ test_commit 
need-at-least-one-commit && ++ git clone --no-local . throw-away 2>stderr && ++ test_decode_color decoded && ++ test_grep ! RED decoded ++' ++ + test_done +-- +2.49.0 + + +From ab2eb6c0043c643935ea0fbdaed68e15bc831b11 Mon Sep 17 00:00:00 2001 +From: Johannes Schindelin +Date: Wed, 6 Nov 2024 21:07:51 +0100 +Subject: [PATCH 2/4] sideband: introduce an "escape hatch" to allow control + characters + +The preceding commit fixed the vulnerability whereas sideband messages +(that are under the control of the remote server) could contain ANSI +escape sequences that would be sent to the terminal verbatim. + +However, this fix may not be desirable under all circumstances, e.g. +when remote servers deliberately add coloring to their messages to +increase their urgency. + +To help with those use cases, give users a way to opt-out of the +protections: `sideband.allowControlCharacters`. + +Signed-off-by: Johannes Schindelin +--- + Documentation/config.adoc | 2 ++ + Documentation/config/sideband.adoc | 5 +++++ + sideband.c | 10 ++++++++++ + t/t5409-colorize-remote-messages.sh | 8 +++++++- + 4 files changed, 24 insertions(+), 1 deletion(-) + create mode 100644 Documentation/config/sideband.adoc + +diff --git a/Documentation/config.adoc b/Documentation/config.adoc +index cc769251be..a8b04c4e51 100644 +--- a/Documentation/config.adoc ++++ b/Documentation/config.adoc +@@ -522,6 +522,8 @@ include::config/sequencer.adoc[] + + include::config/showbranch.adoc[] + ++include::config/sideband.adoc[] ++ + include::config/sparse.adoc[] + + include::config/splitindex.adoc[] +diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc +new file mode 100644 +index 0000000000..3fb5045cd7 +--- /dev/null ++++ b/Documentation/config/sideband.adoc +@@ -0,0 +1,5 @@ ++sideband.allowControlCharacters:: ++ By default, control characters that are delivered via the sideband ++ are masked, to prevent potentially unwanted ANSI escape sequences ++ from being sent to the terminal. 
Use this config setting to override ++ this behavior. +diff --git a/sideband.c b/sideband.c +index 81b1ff0805..d1c326fa19 100644 +--- a/sideband.c ++++ b/sideband.c +@@ -26,6 +26,8 @@ static struct keyword_entry keywords[] = { + { "error", GIT_COLOR_BOLD_RED }, + }; + ++static int allow_control_characters; ++ + /* Returns a color setting (GIT_COLOR_NEVER, etc). */ + static int use_sideband_colors(void) + { +@@ -39,6 +41,9 @@ static int use_sideband_colors(void) + if (use_sideband_colors_cached >= 0) + return use_sideband_colors_cached; + ++ git_config_get_bool("sideband.allowcontrolcharacters", ++ &allow_control_characters); ++ + if (!git_config_get_string_tmp(key, &value)) + use_sideband_colors_cached = git_config_colorbool(key, value); + else if (!git_config_get_string_tmp("color.ui", &value)) +@@ -68,6 +73,11 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref + + static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) + { ++ if (allow_control_characters) { ++ strbuf_add(dest, src, n); ++ return; ++ } ++ + strbuf_grow(dest, n); + for (; n && *src; src++, n--) { + if (!iscntrl(*src) || *src == '\t' || *src == '\n') +diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh +index d0745c391b..fb31e85254 100755 +--- a/t/t5409-colorize-remote-messages.sh ++++ b/t/t5409-colorize-remote-messages.sh +@@ -105,9 +105,15 @@ test_expect_success 'disallow (color) control sequences in sideband' ' + EOF + test_config_global uploadPack.packObjectshook ./color-me-surprised && + test_commit need-at-least-one-commit && ++ + git clone --no-local . throw-away 2>stderr && + test_decode_color decoded && +- test_grep ! RED decoded ++ test_grep ! RED decoded && ++ ++ rm -rf throw-away && ++ git -c sideband.allowControlCharacters clone --no-local . 
throw-away 2>stderr && ++ test_decode_color decoded && ++ test_grep RED decoded + ' + + test_done +-- +2.49.0 + + +From a369672c2e6974590ad0561854318a4f255e6893 Mon Sep 17 00:00:00 2001 +From: Johannes Schindelin +Date: Mon, 18 Nov 2024 21:42:57 +0100 +Subject: [PATCH 3/4] sideband: do allow ANSI color sequences by default + +The preceding two commits introduced special handling of the sideband +channel to neutralize ANSI escape sequences before sending the payload +to the terminal, and `sideband.allowControlCharacters` to override that +behavior. + +However, some `pre-receive` hooks that are actively used in practice +want to color their messages and therefore rely on the fact that Git +passes them through to the terminal. + +In contrast to other ANSI escape sequences, it is highly unlikely that +coloring sequences can be essential tools in attack vectors that mislead +Git users e.g. by hiding crucial information. + +Therefore we can have both: Continue to allow ANSI coloring sequences to +be passed to the terminal, and neutralize all other ANSI escape +sequences. + +Signed-off-by: Johannes Schindelin +--- + Documentation/config/sideband.adoc | 17 ++++++-- + sideband.c | 61 ++++++++++++++++++++++++++--- + t/t5409-colorize-remote-messages.sh | 16 +++++++- + 3 files changed, 84 insertions(+), 10 deletions(-) + +diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc +index 3fb5045cd7..f347fd6b33 100644 +--- a/Documentation/config/sideband.adoc ++++ b/Documentation/config/sideband.adoc +@@ -1,5 +1,16 @@ + sideband.allowControlCharacters:: + By default, control characters that are delivered via the sideband +- are masked, to prevent potentially unwanted ANSI escape sequences +- from being sent to the terminal. Use this config setting to override +- this behavior. ++ are masked, except ANSI color sequences. This prevents potentially ++ unwanted ANSI escape sequences from being sent to the terminal. 
Use ++ this config setting to override this behavior: +++ ++-- ++ color:: ++ Allow ANSI color sequences, line feeds and horizontal tabs, ++ but mask all other control characters. This is the default. ++ false:: ++ Mask all control characters other than line feeds and ++ horizontal tabs. ++ true:: ++ Allow all control characters to be sent to the terminal. ++-- +diff --git a/sideband.c b/sideband.c +index d1c326fa19..9084ca234d 100644 +--- a/sideband.c ++++ b/sideband.c +@@ -26,7 +26,11 @@ static struct keyword_entry keywords[] = { + { "error", GIT_COLOR_BOLD_RED }, + }; + +-static int allow_control_characters; ++static enum { ++ ALLOW_NO_CONTROL_CHARACTERS = 0, ++ ALLOW_ALL_CONTROL_CHARACTERS = 1, ++ ALLOW_ANSI_COLOR_SEQUENCES = 2 ++} allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES; + + /* Returns a color setting (GIT_COLOR_NEVER, etc). */ + static int use_sideband_colors(void) +@@ -41,8 +45,24 @@ static int use_sideband_colors(void) + if (use_sideband_colors_cached >= 0) + return use_sideband_colors_cached; + +- git_config_get_bool("sideband.allowcontrolcharacters", +- &allow_control_characters); ++ switch (git_config_get_maybe_bool("sideband.allowcontrolcharacters", &i)) { ++ case 0: /* Boolean value */ ++ allow_control_characters = i ? ALLOW_ALL_CONTROL_CHARACTERS : ++ ALLOW_NO_CONTROL_CHARACTERS; ++ break; ++ case -1: /* non-Boolean value */ ++ if (git_config_get_string_tmp("sideband.allowcontrolcharacters", ++ &value)) ++ ; /* huh? `get_maybe_bool()` returned -1 */ ++ else if (!strcmp(value, "color")) ++ allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES; ++ else ++ warning(_("unrecognized value for `sideband." 
++ "allowControlCharacters`: '%s'"), value); ++ break; ++ default: ++ break; /* not configured */ ++ } + + if (!git_config_get_string_tmp(key, &value)) + use_sideband_colors_cached = git_config_colorbool(key, value); +@@ -71,9 +91,37 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref + list_config_item(list, prefix, keywords[i].keyword); + } + ++static int handle_ansi_color_sequence(struct strbuf *dest, const char *src, int n) ++{ ++ int i; ++ ++ /* ++ * Valid ANSI color sequences are of the form ++ * ++ * ESC [ [ [; ]*] m ++ */ ++ ++ if (allow_control_characters != ALLOW_ANSI_COLOR_SEQUENCES || ++ n < 3 || src[0] != '\x1b' || src[1] != '[') ++ return 0; ++ ++ for (i = 2; i < n; i++) { ++ if (src[i] == 'm') { ++ strbuf_add(dest, src, i + 1); ++ return i; ++ } ++ if (!isdigit(src[i]) && src[i] != ';') ++ break; ++ } ++ ++ return 0; ++} ++ + static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) + { +- if (allow_control_characters) { ++ int i; ++ ++ if (allow_control_characters == ALLOW_ALL_CONTROL_CHARACTERS) { + strbuf_add(dest, src, n); + return; + } +@@ -82,7 +130,10 @@ static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) + for (; n && *src; src++, n--) { + if (!iscntrl(*src) || *src == '\t' || *src == '\n') + strbuf_addch(dest, *src); +- else { ++ else if ((i = handle_ansi_color_sequence(dest, src, n))) { ++ src += i; ++ n -= i; ++ } else { + strbuf_addch(dest, '^'); + strbuf_addch(dest, 0x40 + *src); + } +diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh +index fb31e85254..a755c49a74 100755 +--- a/t/t5409-colorize-remote-messages.sh ++++ b/t/t5409-colorize-remote-messages.sh +@@ -100,7 +100,7 @@ test_expect_success 'fallback to color.ui' ' + + test_expect_success 'disallow (color) control sequences in sideband' ' + write_script .git/color-me-surprised <<-\EOF && +- printf "error: Have you \\033[31mread\\033[m this?\\n" >&2 ++ printf "error: Have 
you \\033[31mread\\033[m this?\\a\\n" >&2 + exec "$@" + EOF + test_config_global uploadPack.packObjectshook ./color-me-surprised && +@@ -108,12 +108,24 @@ test_expect_success 'disallow (color) control sequences in sideband' ' + + git clone --no-local . throw-away 2>stderr && + test_decode_color decoded && ++ test_grep RED decoded && ++ test_grep "\\^G" stderr && ++ tr -dc "\\007" actual && ++ test_must_be_empty actual && ++ ++ rm -rf throw-away && ++ git -c sideband.allowControlCharacters=false \ ++ clone --no-local . throw-away 2>stderr && ++ test_decode_color decoded && + test_grep ! RED decoded && ++ test_grep "\\^G" stderr && + + rm -rf throw-away && + git -c sideband.allowControlCharacters clone --no-local . throw-away 2>stderr && + test_decode_color decoded && +- test_grep RED decoded ++ test_grep RED decoded && ++ tr -dc "\\007" actual && ++ test_file_not_empty actual + ' + + test_done +-- +2.49.0 + + +From b15d2255ed98eb6f75608c2f99f4ea3284ad250e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= +Date: Mon, 24 Mar 2025 10:51:39 +0100 +Subject: [PATCH 4/4] sideband: default to allowControlCharacters=true +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +We don't want to change the default Git behaviour, just add the option +to filter control characters. + +Signed-off-by: Ondřej Pohořelský +--- + Documentation/config/sideband.adoc | 8 ++++---- + sideband.c | 2 +- + t/t5409-colorize-remote-messages.sh | 3 ++- + 3 files changed, 7 insertions(+), 6 deletions(-) + +diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc +index f347fd6b33..a809e2de89 100644 +--- a/Documentation/config/sideband.adoc ++++ b/Documentation/config/sideband.adoc +@@ -1,16 +1,16 @@ + sideband.allowControlCharacters:: + By default, control characters that are delivered via the sideband +- are masked, except ANSI color sequences. 
This prevents potentially +- unwanted ANSI escape sequences from being sent to the terminal. Use +- this config setting to override this behavior: ++ are NOT masked. Use this config setting to prevent potentially ++ unwanted ANSI escape sequences from being sent to the terminal: + + + -- + color:: + Allow ANSI color sequences, line feeds and horizontal tabs, +- but mask all other control characters. This is the default. ++ but mask all other control characters. + false:: + Mask all control characters other than line feeds and + horizontal tabs. + true:: + Allow all control characters to be sent to the terminal. ++ This is the default. + -- +diff --git a/sideband.c b/sideband.c +index 9084ca234d..456cd3d8bc 100644 +--- a/sideband.c ++++ b/sideband.c +@@ -30,7 +30,7 @@ static enum { + ALLOW_NO_CONTROL_CHARACTERS = 0, + ALLOW_ALL_CONTROL_CHARACTERS = 1, + ALLOW_ANSI_COLOR_SEQUENCES = 2 +-} allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES; ++} allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS; + + /* Returns a color setting (GIT_COLOR_NEVER, etc). */ + static int use_sideband_colors(void) +diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh +index a755c49a74..2d40d8c640 100755 +--- a/t/t5409-colorize-remote-messages.sh ++++ b/t/t5409-colorize-remote-messages.sh +@@ -106,7 +106,8 @@ test_expect_success 'disallow (color) control sequences in sideband' ' + test_config_global uploadPack.packObjectshook ./color-me-surprised && + test_commit need-at-least-one-commit && + +- git clone --no-local . throw-away 2>stderr && ++ git -c sideband.allowControlCharacters=color \ ++ clone --no-local . throw-away 2>stderr && + test_decode_color decoded && + test_grep RED decoded && + test_grep "\\^G" stderr && +-- +2.49.0 + diff --git a/git.spec b/git.spec index b19d845..b3b2184 100644 --- a/git.spec +++ b/git.spec 
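Review bot: In `use_sideband_colors()` as added by PATCH 3/4 of the embedded series, an unrecognized `sideband.allowControlCharacters` value only triggers `warning(...)` and leaves `allow_control_characters` at its initializer, which PATCH 4/4 sets to `ALLOW_ALL_CONTROL_CHARACTERS`, so a mistyped hardening value leaves sideband output unsanitized. Failing closed is safer: set `allow_control_characters = ALLOW_NO_CONTROL_CHARACTERS;` in that `else` branch next to the warning. In `strbuf_add_sanitized()`, `strbuf_addch(dest, 0x40 + *src)` produces byte 0xbf rather than `^?` for DEL (0x7f), assuming Git's `iscntrl()` treats DEL as a control character; `0x40 ^ *src` handles both ranges. After 4/4 every clone in the t5409 test passes the key explicitly, so nothing asserts the behaviour when it is unset.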
@@ -79,7 +79,7 @@ Name: git Version: 2.49.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -132,6 +132,13 @@ Patch3: 0003-t-lib-git-svn-try-harder-to-find-a-port.patch # Prevents t5540 failures on i686, s390x and ppc64le Patch5: git-test-apache-davlockdbtype-config.patch +# Adds the option to sanitize sideband channel messages +# CVE-2024-52005 wasn't fixed by upstream. This patch adds the option to harden Git against it. +# The default behaviour of Git remains unchanged. +# +# https://github.com/gitgitgadget/git/pull/1853 +Patch6: git-2.49-sanitize-sideband-channel-messages.patch + %if %{with docs} # pod2man is needed to build Git.3pm BuildRequires: perl-podlators @@ -1056,6 +1063,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Mon Mar 24 2025 Ondřej Pohořelský - 2.49.0-2 +- add the option to sanitize sideband channel messages + * Mon Mar 17 2025 Ondřej Pohořelský - 2.49.0-1 - update to 2.49.0 From 001bf29ac7e222626c490dc9ffa4c5195e36f4d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Mon, 23 Jun 2025 14:16:09 +0200 Subject: [PATCH 06/22] update to 2.50.0 --- git.spec | 7 +++++-- sources | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/git.spec b/git.spec index b3b2184..203dced 100644 --- a/git.spec +++ b/git.spec @@ -78,8 +78,8 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.49.0 -Release: 2%{?dist} +Version: 2.50.0 +Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ 
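Review bot: The comment block above `Patch6` in the `@@ -132,6 +132,13 @@` hunk says the patch adds an option to harden Git against CVE-2024-52005, but it never names the setting or states that a default install still passes sideband control characters to the terminal unfiltered. The last commit in the bundled patch sets `allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS` and its documentation marks `true` as the default, so the mitigation only applies once a user or administrator sets the key. I would add a line such as `# Opt in with sideband.allowControlCharacters=color (keep ANSI colors) or =false (mask all but LF/TAB); the default "true" filters nothing.` The `%changelog` entry in the `@@ -1056,6 +1063,9 @@` hunk could name the same key and say the CVE is mitigated only when it is set, so the opt-in is discoverable from `rpm -q --changelog`.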
@@ -1063,6 +1063,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Mon Jun 23 2025 Ondřej Pohořelský - 2.50.0-1 +- update to 2.50.0 + * Mon Mar 24 2025 Ondřej Pohořelský - 2.49.0-2 - add the option to sanitize sideband channel messages diff --git a/sources b/sources index 25bd2d3..fbc63c3 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.49.0.tar.xz) = 81a16415890305fc6cfd14ade8bee76779feba01f51c5446f40c14211654342c68ef0911859fa6e8e9ff0a718847bb44ee4156d03a19c9165df19ba91e09e1f0 -SHA512 (git-2.49.0.tar.sign) = e956f83ee0973295ec608aa6ab1df11992d8fc10f1702a0cdbf849f7659d94666fe714f60a7b4aeeed064bc49e1345791e3d8b0a867c075544eb48f01b84fd27 +SHA512 (git-2.50.0.tar.xz) = a8fdf5b0ab156822324b76aa7200071eb7244f7714807c39f05bc3361bc261272a6fdd1d0bc3a097dbbf27e92c02eda612aac17cb2a45ddfa222d74937cac67f +SHA512 (git-2.50.0.tar.sign) = 1cc17cc904587ff3c3c85a728ced51a04a92b194a7e5e69e0fd2f59bff24c643a3c4e5631b0cd870d4ad4229b1e9edc4c5cf671cde72bb37ef1cc04ebfac421c From 0cd22af43cc5e8445351294caf78ed526ddecb68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Mon, 23 Jun 2025 14:16:09 +0200 Subject: [PATCH 07/22] update to 2.50.0 --- git.spec | 5 ++++- sources | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/git.spec b/git.spec index b19d845..208bb44 100644 --- a/git.spec +++ b/git.spec @@ -78,7 +78,7 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.49.0 +Version: 2.50.0 Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT 
@@ -1056,6 +1056,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Mon Jun 23 2025 Ondřej Pohořelský - 2.50.0-1 +- update to 2.50.0 + * Mon Mar 17 2025 Ondřej Pohořelský - 2.49.0-1 - update to 2.49.0 diff --git a/sources b/sources index 25bd2d3..fbc63c3 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.49.0.tar.xz) = 81a16415890305fc6cfd14ade8bee76779feba01f51c5446f40c14211654342c68ef0911859fa6e8e9ff0a718847bb44ee4156d03a19c9165df19ba91e09e1f0 -SHA512 (git-2.49.0.tar.sign) = e956f83ee0973295ec608aa6ab1df11992d8fc10f1702a0cdbf849f7659d94666fe714f60a7b4aeeed064bc49e1345791e3d8b0a867c075544eb48f01b84fd27 +SHA512 (git-2.50.0.tar.xz) = a8fdf5b0ab156822324b76aa7200071eb7244f7714807c39f05bc3361bc261272a6fdd1d0bc3a097dbbf27e92c02eda612aac17cb2a45ddfa222d74937cac67f +SHA512 (git-2.50.0.tar.sign) = 1cc17cc904587ff3c3c85a728ced51a04a92b194a7e5e69e0fd2f59bff24c643a3c4e5631b0cd870d4ad4229b1e9edc4c5cf671cde72bb37ef1cc04ebfac421c From 54ed4ea4ba7db573e5cccb672c50aed38b2fe49c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Tue, 8 Jul 2025 22:41:07 +0200 Subject: [PATCH 08/22] update to 2.50.1 --- git.spec | 5 ++++- sources | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/git.spec b/git.spec index 203dced..b23d32b 100644 --- a/git.spec +++ b/git.spec @@ -78,7 +78,7 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.50.0 +Version: 2.50.1 Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT @@ -1063,6 +1063,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Tue Jul 08 2025 Ondřej Pohořelský - 2.50.1-1 +- update to 2.50.1 + * Mon Jun 23 2025 Ondřej Pohořelský - 2.50.0-1 - update to 2.50.0 
diff --git a/sources b/sources index fbc63c3..8e5e30a 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.50.0.tar.xz) = a8fdf5b0ab156822324b76aa7200071eb7244f7714807c39f05bc3361bc261272a6fdd1d0bc3a097dbbf27e92c02eda612aac17cb2a45ddfa222d74937cac67f -SHA512 (git-2.50.0.tar.sign) = 1cc17cc904587ff3c3c85a728ced51a04a92b194a7e5e69e0fd2f59bff24c643a3c4e5631b0cd870d4ad4229b1e9edc4c5cf671cde72bb37ef1cc04ebfac421c +SHA512 (git-2.50.1.tar.xz) = 09f37290c0d4d074b97363f4a4be1813426e93ac3fa993c4d671bb1462bcc9335713c17d1442196a35205a603eeb052662382935d27498875a251f4fe86f6b36 +SHA512 (git-2.50.1.tar.sign) = f03a588b4108a2f0eae949d8870a3f16da18dfdf23de547aeaa25cdbccf668cfe89d49bbfb3869571b261738482f32002d83b2760415d4c04a0285273b18e828 From f8bcf50ac88ad7dc9e6b853026fc45376b3a8975 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Tue, 8 Jul 2025 22:41:07 +0200 Subject: [PATCH 09/22] update to 2.50.1 --- git.spec | 5 ++++- sources | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/git.spec b/git.spec index 208bb44..94ca5c7 100644 --- a/git.spec +++ b/git.spec @@ -78,7 +78,7 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.50.0 +Version: 2.50.1 Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT @@ -1056,6 +1056,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Tue Jul 08 2025 Ondřej Pohořelský - 2.50.1-1 +- update to 2.50.1 + * Mon Jun 23 2025 Ondřej Pohořelský - 2.50.0-1 - update to 2.50.0 diff --git a/sources b/sources index fbc63c3..8e5e30a 100644 --- a/sources +++ b/sources 
@@ -1,2 +1,2 @@ -SHA512 (git-2.50.0.tar.xz) = a8fdf5b0ab156822324b76aa7200071eb7244f7714807c39f05bc3361bc261272a6fdd1d0bc3a097dbbf27e92c02eda612aac17cb2a45ddfa222d74937cac67f -SHA512 (git-2.50.0.tar.sign) = 1cc17cc904587ff3c3c85a728ced51a04a92b194a7e5e69e0fd2f59bff24c643a3c4e5631b0cd870d4ad4229b1e9edc4c5cf671cde72bb37ef1cc04ebfac421c +SHA512 (git-2.50.1.tar.xz) = 09f37290c0d4d074b97363f4a4be1813426e93ac3fa993c4d671bb1462bcc9335713c17d1442196a35205a603eeb052662382935d27498875a251f4fe86f6b36 +SHA512 (git-2.50.1.tar.sign) = f03a588b4108a2f0eae949d8870a3f16da18dfdf23de547aeaa25cdbccf668cfe89d49bbfb3869571b261738482f32002d83b2760415d4c04a0285273b18e828 From fc75418e16da4919c30846f896122b7e08c85c92 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 23 Jul 2025 22:22:42 +0000 Subject: [PATCH 10/22] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- git.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/git.spec b/git.spec index b23d32b..d19d51f 100644 --- a/git.spec +++ b/git.spec @@ -79,7 +79,7 @@ Name: git Version: 2.50.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -1063,6 +1063,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Wed Jul 23 2025 Fedora Release Engineering - 2.50.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Tue Jul 08 2025 Ondřej Pohořelský - 2.50.1-1 - update to 2.50.1 From 1bf540bab483dc454810665066f85c0caebab098 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Wed, 20 Aug 2025 11:46:09 +0200 Subject: [PATCH 11/22] update to 2.51.0 --- git.spec | 23 ++++------------------- sources | 4 ++-- 2 files changed, 6 insertions(+), 21 deletions(-) diff --git a/git.spec b/git.spec index 94ca5c7..02145da 100644 --- a/git.spec 
+++ b/git.spec @@ -78,7 +78,7 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.50.1 +Version: 2.51.0 Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT @@ -733,13 +733,6 @@ mkdir -p %{buildroot}%{_datadir}/git-core/contrib/completion install -pm 644 contrib/completion/git-completion.tcsh \ %{buildroot}%{_datadir}/git-core/contrib/completion/ -# Move contrib/hooks out of %%docdir -mkdir -p %{buildroot}%{_datadir}/git-core/contrib -mv contrib/hooks %{buildroot}%{_datadir}/git-core/contrib -pushd contrib > /dev/null -ln -s ../../../git-core/contrib/hooks -popd > /dev/null - # Install git-prompt.sh mkdir -p %{buildroot}%{_datadir}/git-core/contrib/completion install -pm 644 contrib/completion/git-prompt.sh \ @@ -929,11 +922,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files -f bin-man-doc-git-files %{_datadir}/git-core/contrib/diff-highlight -%{_datadir}/git-core/contrib/hooks/update-paranoid -%{_datadir}/git-core/contrib/hooks/setgitperms.perl -%{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample -%{_datadir}/git-core/templates/hooks/pre-rebase.sample -%{_datadir}/git-core/templates/hooks/prepare-commit-msg.sample %files all # No files for you! @@ -945,11 +933,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %license COPYING # exclude is best way here because of troubles with symlinks inside git-core/ %exclude %{_datadir}/git-core/contrib/diff-highlight -%exclude %{_datadir}/git-core/contrib/hooks/update-paranoid -%exclude %{_datadir}/git-core/contrib/hooks/setgitperms.perl -%exclude %{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample -%exclude %{_datadir}/git-core/templates/hooks/pre-rebase.sample -%exclude %{_datadir}/git-core/templates/hooks/prepare-commit-msg.sample %{bash_completions_dir}/git %{_datadir}/git-core/ 
@@ -959,7 +942,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %exclude %{_pkgdocdir}/contrib/*/*.py[co] %endif # endif rhel <= 7 -%{_pkgdocdir}/contrib/hooks %if %{with libsecret} %files credential-libsecret @@ -1056,6 +1038,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Wed Aug 20 2025 Ondřej Pohořelský - 2.51.0-1 +- update to 2.51.0 + * Tue Jul 08 2025 Ondřej Pohořelský - 2.50.1-1 - update to 2.50.1 diff --git a/sources b/sources index 8e5e30a..9d8afae 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.50.1.tar.xz) = 09f37290c0d4d074b97363f4a4be1813426e93ac3fa993c4d671bb1462bcc9335713c17d1442196a35205a603eeb052662382935d27498875a251f4fe86f6b36 -SHA512 (git-2.50.1.tar.sign) = f03a588b4108a2f0eae949d8870a3f16da18dfdf23de547aeaa25cdbccf668cfe89d49bbfb3869571b261738482f32002d83b2760415d4c04a0285273b18e828 +SHA512 (git-2.51.0.tar.xz) = 2b8c59589266c0c9e58a9f4fda4a970a8a492e2e0ecbafc414fcfacac4a04251f0115b3676f4599a415b53906f1dea312b18a42e9bde455286abd62ec327beaf +SHA512 (git-2.51.0.tar.sign) = 1fb0d30fb68227ec8a13364b07c3d4468269a2912a746d75704146690115cd9e13c41be4e6e97f65fc5fce40f433456a5e2529f28fe04d6280557970189ac135 From 90cb7985fdcd5d276f9d7f17efd93932116e578e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Wed, 20 Aug 2025 11:46:09 +0200 Subject: [PATCH 12/22] update to 2.51.0 --- ...9-sanitize-sideband-channel-messages.patch | 471 ------------------ ...1-sanitize-sideband-channel-messages.patch | 274 ++++++++++ git.spec | 27 +- sources | 4 +- 4 files changed, 282 insertions(+), 494 deletions(-) delete mode 100644 git-2.49-sanitize-sideband-channel-messages.patch create mode 100644 git-2.51-sanitize-sideband-channel-messages.patch diff --git a/git-2.49-sanitize-sideband-channel-messages.patch b/git-2.49-sanitize-sideband-channel-messages.patch deleted file mode 100644 index f3be95a..0000000 
--- a/git-2.49-sanitize-sideband-channel-messages.patch +++ /dev/null 
@@ -1,471 +0,0 @@ -From 328ff864183cdd0a4b779b5b88a3271b39a1b1a2 Mon Sep 17 00:00:00 2001 -From: Johannes Schindelin -Date: Wed, 6 Nov 2024 20:34:50 +0100 -Subject: [PATCH 1/4] sideband: mask control characters - -The output of `git clone` is a vital component for understanding what -has happened when things go wrong. However, these logs are partially -under the control of the remote server (via the "sideband", which -typically contains what the remote `git pack-objects` process sends to -`stderr`), and is currently not sanitized by Git. - -This makes Git susceptible to ANSI escape sequence injection (see -CWE-150, https://cwe.mitre.org/data/definitions/150.html), which allows -attackers to corrupt terminal state, to hide information, and even to -insert characters into the input buffer (i.e. as if the user had typed -those characters). - -To plug this vulnerability, disallow any control character in the -sideband, replacing them instead with the common `^` -(e.g. `^[` for `\x1b`, `^A` for `\x01`). - -There is likely a need for more fine-grained controls instead of using a -"heavy hammer" like this, which will be introduced subsequently. 
- -Signed-off-by: Johannes Schindelin ---- - sideband.c | 17 +++++++++++++++-- - t/t5409-colorize-remote-messages.sh | 12 ++++++++++++ - 2 files changed, 27 insertions(+), 2 deletions(-) - -diff --git a/sideband.c b/sideband.c -index 251e9615ed..81b1ff0805 100644 ---- a/sideband.c -+++ b/sideband.c -@@ -66,6 +66,19 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref - list_config_item(list, prefix, keywords[i].keyword); - } - -+static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) -+{ -+ strbuf_grow(dest, n); -+ for (; n && *src; src++, n--) { -+ if (!iscntrl(*src) || *src == '\t' || *src == '\n') -+ strbuf_addch(dest, *src); -+ else { -+ strbuf_addch(dest, '^'); -+ strbuf_addch(dest, 0x40 + *src); -+ } -+ } -+} -+ - /* - * Optionally highlight one keyword in remote output if it appears at the start - * of the line. This should be called for a single line only, which is -@@ -81,7 +94,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n) - int i; - - if (!want_color_stderr(use_sideband_colors())) { -- strbuf_add(dest, src, n); -+ strbuf_add_sanitized(dest, src, n); - return; - } - -@@ -114,7 +127,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n) - } - } - -- strbuf_add(dest, src, n); -+ strbuf_add_sanitized(dest, src, n); - } - - -diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh -index fa5de4500a..d0745c391b 100755 ---- a/t/t5409-colorize-remote-messages.sh -+++ b/t/t5409-colorize-remote-messages.sh -@@ -98,4 +98,16 @@ test_expect_success 'fallback to color.ui' ' - grep "error: error" decoded - ' - -+test_expect_success 'disallow (color) control sequences in sideband' ' -+ write_script .git/color-me-surprised <<-\EOF && -+ printf "error: Have you \\033[31mread\\033[m this?\\n" >&2 -+ exec "$@" -+ EOF -+ test_config_global uploadPack.packObjectshook ./color-me-surprised && -+ test_commit 
need-at-least-one-commit && -+ git clone --no-local . throw-away 2>stderr && -+ test_decode_color decoded && -+ test_grep ! RED decoded -+' -+ - test_done --- -2.49.0 - - -From ab2eb6c0043c643935ea0fbdaed68e15bc831b11 Mon Sep 17 00:00:00 2001 -From: Johannes Schindelin -Date: Wed, 6 Nov 2024 21:07:51 +0100 -Subject: [PATCH 2/4] sideband: introduce an "escape hatch" to allow control - characters - -The preceding commit fixed the vulnerability whereas sideband messages -(that are under the control of the remote server) could contain ANSI -escape sequences that would be sent to the terminal verbatim. - -However, this fix may not be desirable under all circumstances, e.g. -when remote servers deliberately add coloring to their messages to -increase their urgency. - -To help with those use cases, give users a way to opt-out of the -protections: `sideband.allowControlCharacters`. - -Signed-off-by: Johannes Schindelin ---- - Documentation/config.adoc | 2 ++ - Documentation/config/sideband.adoc | 5 +++++ - sideband.c | 10 ++++++++++ - t/t5409-colorize-remote-messages.sh | 8 +++++++- - 4 files changed, 24 insertions(+), 1 deletion(-) - create mode 100644 Documentation/config/sideband.adoc - -diff --git a/Documentation/config.adoc b/Documentation/config.adoc -index cc769251be..a8b04c4e51 100644 ---- a/Documentation/config.adoc -+++ b/Documentation/config.adoc -@@ -522,6 +522,8 @@ include::config/sequencer.adoc[] - - include::config/showbranch.adoc[] - -+include::config/sideband.adoc[] -+ - include::config/sparse.adoc[] - - include::config/splitindex.adoc[] -diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc -new file mode 100644 -index 0000000000..3fb5045cd7 ---- /dev/null -+++ b/Documentation/config/sideband.adoc -@@ -0,0 +1,5 @@ -+sideband.allowControlCharacters:: -+ By default, control characters that are delivered via the sideband -+ are masked, to prevent potentially unwanted ANSI escape sequences -+ from being sent to the terminal. 
Use this config setting to override -+ this behavior. -diff --git a/sideband.c b/sideband.c -index 81b1ff0805..d1c326fa19 100644 ---- a/sideband.c -+++ b/sideband.c -@@ -26,6 +26,8 @@ static struct keyword_entry keywords[] = { - { "error", GIT_COLOR_BOLD_RED }, - }; - -+static int allow_control_characters; -+ - /* Returns a color setting (GIT_COLOR_NEVER, etc). */ - static int use_sideband_colors(void) - { -@@ -39,6 +41,9 @@ static int use_sideband_colors(void) - if (use_sideband_colors_cached >= 0) - return use_sideband_colors_cached; - -+ git_config_get_bool("sideband.allowcontrolcharacters", -+ &allow_control_characters); -+ - if (!git_config_get_string_tmp(key, &value)) - use_sideband_colors_cached = git_config_colorbool(key, value); - else if (!git_config_get_string_tmp("color.ui", &value)) -@@ -68,6 +73,11 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref - - static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) - { -+ if (allow_control_characters) { -+ strbuf_add(dest, src, n); -+ return; -+ } -+ - strbuf_grow(dest, n); - for (; n && *src; src++, n--) { - if (!iscntrl(*src) || *src == '\t' || *src == '\n') -diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh -index d0745c391b..fb31e85254 100755 ---- a/t/t5409-colorize-remote-messages.sh -+++ b/t/t5409-colorize-remote-messages.sh -@@ -105,9 +105,15 @@ test_expect_success 'disallow (color) control sequences in sideband' ' - EOF - test_config_global uploadPack.packObjectshook ./color-me-surprised && - test_commit need-at-least-one-commit && -+ - git clone --no-local . throw-away 2>stderr && - test_decode_color decoded && -- test_grep ! RED decoded -+ test_grep ! RED decoded && -+ -+ rm -rf throw-away && -+ git -c sideband.allowControlCharacters clone --no-local . 
throw-away 2>stderr && -+ test_decode_color decoded && -+ test_grep RED decoded - ' - - test_done --- -2.49.0 - - -From a369672c2e6974590ad0561854318a4f255e6893 Mon Sep 17 00:00:00 2001 -From: Johannes Schindelin -Date: Mon, 18 Nov 2024 21:42:57 +0100 -Subject: [PATCH 3/4] sideband: do allow ANSI color sequences by default - -The preceding two commits introduced special handling of the sideband -channel to neutralize ANSI escape sequences before sending the payload -to the terminal, and `sideband.allowControlCharacters` to override that -behavior. - -However, some `pre-receive` hooks that are actively used in practice -want to color their messages and therefore rely on the fact that Git -passes them through to the terminal. - -In contrast to other ANSI escape sequences, it is highly unlikely that -coloring sequences can be essential tools in attack vectors that mislead -Git users e.g. by hiding crucial information. - -Therefore we can have both: Continue to allow ANSI coloring sequences to -be passed to the terminal, and neutralize all other ANSI escape -sequences. - -Signed-off-by: Johannes Schindelin ---- - Documentation/config/sideband.adoc | 17 ++++++-- - sideband.c | 61 ++++++++++++++++++++++++++--- - t/t5409-colorize-remote-messages.sh | 16 +++++++- - 3 files changed, 84 insertions(+), 10 deletions(-) - -diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc -index 3fb5045cd7..f347fd6b33 100644 ---- a/Documentation/config/sideband.adoc -+++ b/Documentation/config/sideband.adoc -@@ -1,5 +1,16 @@ - sideband.allowControlCharacters:: - By default, control characters that are delivered via the sideband -- are masked, to prevent potentially unwanted ANSI escape sequences -- from being sent to the terminal. Use this config setting to override -- this behavior. -+ are masked, except ANSI color sequences. This prevents potentially -+ unwanted ANSI escape sequences from being sent to the terminal. 
Use -+ this config setting to override this behavior: -++ -+-- -+ color:: -+ Allow ANSI color sequences, line feeds and horizontal tabs, -+ but mask all other control characters. This is the default. -+ false:: -+ Mask all control characters other than line feeds and -+ horizontal tabs. -+ true:: -+ Allow all control characters to be sent to the terminal. -+-- -diff --git a/sideband.c b/sideband.c -index d1c326fa19..9084ca234d 100644 ---- a/sideband.c -+++ b/sideband.c -@@ -26,7 +26,11 @@ static struct keyword_entry keywords[] = { - { "error", GIT_COLOR_BOLD_RED }, - }; - --static int allow_control_characters; -+static enum { -+ ALLOW_NO_CONTROL_CHARACTERS = 0, -+ ALLOW_ALL_CONTROL_CHARACTERS = 1, -+ ALLOW_ANSI_COLOR_SEQUENCES = 2 -+} allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES; - - /* Returns a color setting (GIT_COLOR_NEVER, etc). */ - static int use_sideband_colors(void) -@@ -41,8 +45,24 @@ static int use_sideband_colors(void) - if (use_sideband_colors_cached >= 0) - return use_sideband_colors_cached; - -- git_config_get_bool("sideband.allowcontrolcharacters", -- &allow_control_characters); -+ switch (git_config_get_maybe_bool("sideband.allowcontrolcharacters", &i)) { -+ case 0: /* Boolean value */ -+ allow_control_characters = i ? ALLOW_ALL_CONTROL_CHARACTERS : -+ ALLOW_NO_CONTROL_CHARACTERS; -+ break; -+ case -1: /* non-Boolean value */ -+ if (git_config_get_string_tmp("sideband.allowcontrolcharacters", -+ &value)) -+ ; /* huh? `get_maybe_bool()` returned -1 */ -+ else if (!strcmp(value, "color")) -+ allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES; -+ else -+ warning(_("unrecognized value for `sideband." 
-+ "allowControlCharacters`: '%s'"), value); -+ break; -+ default: -+ break; /* not configured */ -+ } - - if (!git_config_get_string_tmp(key, &value)) - use_sideband_colors_cached = git_config_colorbool(key, value); -@@ -71,9 +91,37 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref - list_config_item(list, prefix, keywords[i].keyword); - } - -+static int handle_ansi_color_sequence(struct strbuf *dest, const char *src, int n) -+{ -+ int i; -+ -+ /* -+ * Valid ANSI color sequences are of the form -+ * -+ * ESC [ [ [; ]*] m -+ */ -+ -+ if (allow_control_characters != ALLOW_ANSI_COLOR_SEQUENCES || -+ n < 3 || src[0] != '\x1b' || src[1] != '[') -+ return 0; -+ -+ for (i = 2; i < n; i++) { -+ if (src[i] == 'm') { -+ strbuf_add(dest, src, i + 1); -+ return i; -+ } -+ if (!isdigit(src[i]) && src[i] != ';') -+ break; -+ } -+ -+ return 0; -+} -+ - static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) - { -- if (allow_control_characters) { -+ int i; -+ -+ if (allow_control_characters == ALLOW_ALL_CONTROL_CHARACTERS) { - strbuf_add(dest, src, n); - return; - } -@@ -82,7 +130,10 @@ static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) - for (; n && *src; src++, n--) { - if (!iscntrl(*src) || *src == '\t' || *src == '\n') - strbuf_addch(dest, *src); -- else { -+ else if ((i = handle_ansi_color_sequence(dest, src, n))) { -+ src += i; -+ n -= i; -+ } else { - strbuf_addch(dest, '^'); - strbuf_addch(dest, 0x40 + *src); - } -diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh -index fb31e85254..a755c49a74 100755 ---- a/t/t5409-colorize-remote-messages.sh -+++ b/t/t5409-colorize-remote-messages.sh -@@ -100,7 +100,7 @@ test_expect_success 'fallback to color.ui' ' - - test_expect_success 'disallow (color) control sequences in sideband' ' - write_script .git/color-me-surprised <<-\EOF && -- printf "error: Have you \\033[31mread\\033[m this?\\n" >&2 -+ printf "error: Have 
you \\033[31mread\\033[m this?\\a\\n" >&2 - exec "$@" - EOF - test_config_global uploadPack.packObjectshook ./color-me-surprised && -@@ -108,12 +108,24 @@ test_expect_success 'disallow (color) control sequences in sideband' ' - - git clone --no-local . throw-away 2>stderr && - test_decode_color decoded && -+ test_grep RED decoded && -+ test_grep "\\^G" stderr && -+ tr -dc "\\007" actual && -+ test_must_be_empty actual && -+ -+ rm -rf throw-away && -+ git -c sideband.allowControlCharacters=false \ -+ clone --no-local . throw-away 2>stderr && -+ test_decode_color decoded && - test_grep ! RED decoded && -+ test_grep "\\^G" stderr && - - rm -rf throw-away && - git -c sideband.allowControlCharacters clone --no-local . throw-away 2>stderr && - test_decode_color decoded && -- test_grep RED decoded -+ test_grep RED decoded && -+ tr -dc "\\007" actual && -+ test_file_not_empty actual - ' - - test_done --- -2.49.0 - - -From b15d2255ed98eb6f75608c2f99f4ea3284ad250e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= -Date: Mon, 24 Mar 2025 10:51:39 +0100 -Subject: [PATCH 4/4] sideband: default to allowControlCharacters=true -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -We don't want to change the default Git behaviour, just add the option -to filter control characters. - -Signed-off-by: Ondřej Pohořelský ---- - Documentation/config/sideband.adoc | 8 ++++---- - sideband.c | 2 +- - t/t5409-colorize-remote-messages.sh | 3 ++- - 3 files changed, 7 insertions(+), 6 deletions(-) - -diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc -index f347fd6b33..a809e2de89 100644 ---- a/Documentation/config/sideband.adoc -+++ b/Documentation/config/sideband.adoc -@@ -1,16 +1,16 @@ - sideband.allowControlCharacters:: - By default, control characters that are delivered via the sideband -- are masked, except ANSI color sequences. 
This prevents potentially -- unwanted ANSI escape sequences from being sent to the terminal. Use -- this config setting to override this behavior: -+ are NOT masked. Use this config setting to prevent potentially -+ unwanted ANSI escape sequences from being sent to the terminal: - + - -- - color:: - Allow ANSI color sequences, line feeds and horizontal tabs, -- but mask all other control characters. This is the default. -+ but mask all other control characters. - false:: - Mask all control characters other than line feeds and - horizontal tabs. - true:: - Allow all control characters to be sent to the terminal. -+ This is the default. - -- -diff --git a/sideband.c b/sideband.c -index 9084ca234d..456cd3d8bc 100644 ---- a/sideband.c -+++ b/sideband.c -@@ -30,7 +30,7 @@ static enum { - ALLOW_NO_CONTROL_CHARACTERS = 0, - ALLOW_ALL_CONTROL_CHARACTERS = 1, - ALLOW_ANSI_COLOR_SEQUENCES = 2 --} allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES; -+} allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS; - - /* Returns a color setting (GIT_COLOR_NEVER, etc). */ - static int use_sideband_colors(void) -diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh -index a755c49a74..2d40d8c640 100755 ---- a/t/t5409-colorize-remote-messages.sh -+++ b/t/t5409-colorize-remote-messages.sh -@@ -106,7 +106,8 @@ test_expect_success 'disallow (color) control sequences in sideband' ' - test_config_global uploadPack.packObjectshook ./color-me-surprised && - test_commit need-at-least-one-commit && - -- git clone --no-local . throw-away 2>stderr && -+ git -c sideband.allowControlCharacters=color \ -+ clone --no-local . throw-away 2>stderr && - test_decode_color decoded && - test_grep RED decoded && - test_grep "\\^G" stderr && --- -2.49.0 - diff --git a/git-2.51-sanitize-sideband-channel-messages.patch b/git-2.51-sanitize-sideband-channel-messages.patch new file mode 100644 index 0000000..6a31b6b --- /dev/null 
+++ b/git-2.51-sanitize-sideband-channel-messages.patch 
@@ -0,0 +1,274 @@ +From 247950ec070cef60c45a877d24a4770991d1eefc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= +Date: Wed, 20 Aug 2025 09:35:47 +0200 +Subject: [PATCH] sideband: mask control characters +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The output of `git clone` is a vital component for understanding what +has happened when things go wrong. However, these logs are partially +under the control of the remote server (via the "sideband", which +typically contains what the remote `git pack-objects` process sends to +`stderr`), and is currently not sanitized by Git. + +This makes Git susceptible to ANSI escape sequence injection (see +CWE-150, https://cwe.mitre.org/data/definitions/150.html), which allows +attackers to corrupt terminal state, to hide information, and even to +insert characters into the input buffer (i.e. as if the user had typed +those characters). + +To plug this vulnerability, disallow any control character in the +sideband, replacing them instead with the common `^` +(e.g. `^[` for `\x1b`, `^A` for `\x01`). + +There is likely a need for more fine-grained controls instead of using a +"heavy hammer" like this, which will be introduced subsequently. + +Signed-off-by: Johannes Schindelin + +sideband: introduce an "escape hatch" to allow control characters + +The preceding commit fixed the vulnerability whereas sideband messages +(that are under the control of the remote server) could contain ANSI +escape sequences that would be sent to the terminal verbatim. + +However, this fix may not be desirable under all circumstances, e.g. +when remote servers deliberately add coloring to their messages to +increase their urgency. + +To help with those use cases, give users a way to opt-out of the +protections: `sideband.allowControlCharacters`. 
+ +Signed-off-by: Johannes Schindelin + +sideband: do allow ANSI color sequences by default + +The preceding two commits introduced special handling of the sideband +channel to neutralize ANSI escape sequences before sending the payload +to the terminal, and `sideband.allowControlCharacters` to override that +behavior. + +However, some `pre-receive` hooks that are actively used in practice +want to color their messages and therefore rely on the fact that Git +passes them through to the terminal. + +In contrast to other ANSI escape sequences, it is highly unlikely that +coloring sequences can be essential tools in attack vectors that mislead +Git users e.g. by hiding crucial information. + +Therefore we can have both: Continue to allow ANSI coloring sequences to +be passed to the terminal, and neutralize all other ANSI escape +sequences. + +Signed-off-by: Johannes Schindelin + +sideband: default to allowControlCharacters=true + +We don't want to change the default Git behaviour, just add the option +to filter control characters. 
+ +Signed-off-by: Ondřej Pohořelský +--- + Documentation/config.adoc | 2 + + Documentation/config/sideband.adoc | 16 ++++++ + sideband.c | 78 ++++++++++++++++++++++++++++- + t/t5409-colorize-remote-messages.sh | 31 ++++++++++++ + 4 files changed, 125 insertions(+), 2 deletions(-) + create mode 100644 Documentation/config/sideband.adoc + +diff --git a/Documentation/config.adoc b/Documentation/config.adoc +index cc769251be..a8b04c4e51 100644 +--- a/Documentation/config.adoc ++++ b/Documentation/config.adoc +@@ -522,6 +522,8 @@ include::config/sequencer.adoc[] + + include::config/showbranch.adoc[] + ++include::config/sideband.adoc[] ++ + include::config/sparse.adoc[] + + include::config/splitindex.adoc[] +diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc +new file mode 100644 +index 0000000000..a809e2de89 +--- /dev/null ++++ b/Documentation/config/sideband.adoc +@@ -0,0 +1,16 @@ ++sideband.allowControlCharacters:: ++ By default, control characters that are delivered via the sideband ++ are NOT masked. Use this config setting to prevent potentially ++ unwanted ANSI escape sequences from being sent to the terminal: +++ ++-- ++ color:: ++ Allow ANSI color sequences, line feeds and horizontal tabs, ++ but mask all other control characters. ++ false:: ++ Mask all control characters other than line feeds and ++ horizontal tabs. ++ true:: ++ Allow all control characters to be sent to the terminal. ++ This is the default. ++-- +diff --git a/sideband.c b/sideband.c +index 8f15b98a65..461eea0a51 100644 +--- a/sideband.c ++++ b/sideband.c +@@ -26,6 +26,12 @@ static struct keyword_entry keywords[] = { + { "error", GIT_COLOR_BOLD_RED }, + }; + ++static enum { ++ ALLOW_NO_CONTROL_CHARACTERS = 0, ++ ALLOW_ALL_CONTROL_CHARACTERS = 1, ++ ALLOW_ANSI_COLOR_SEQUENCES = 2 ++} allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS; ++ + /* Returns a color setting (GIT_COLOR_NEVER, etc). 
*/ + static int use_sideband_colors(void) + { +@@ -39,6 +45,25 @@ static int use_sideband_colors(void) + if (use_sideband_colors_cached >= 0) + return use_sideband_colors_cached; + ++ switch (repo_config_get_maybe_bool(the_repository, "sideband.allowcontrolcharacters", &i)) { ++ case 0: /* Boolean value */ ++ allow_control_characters = i ? ALLOW_ALL_CONTROL_CHARACTERS : ++ ALLOW_NO_CONTROL_CHARACTERS; ++ break; ++ case -1: /* non-Boolean value */ ++ if (repo_config_get_string_tmp(the_repository, "sideband.allowcontrolcharacters", ++ &value)) ++ ; /* huh? `get_maybe_bool()` returned -1 */ ++ else if (!strcmp(value, "color")) ++ allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES; ++ else ++ warning(_("unrecognized value for `sideband." ++ "allowControlCharacters`: '%s'"), value); ++ break; ++ default: ++ break; /* not configured */ ++ } ++ + if (!repo_config_get_string_tmp(the_repository, key, &value)) + use_sideband_colors_cached = git_config_colorbool(key, value); + else if (!repo_config_get_string_tmp(the_repository, "color.ui", &value)) +@@ -66,6 +91,55 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref + list_config_item(list, prefix, keywords[i].keyword); + } + ++static int handle_ansi_color_sequence(struct strbuf *dest, const char *src, int n) ++{ ++ int i; ++ ++ /* ++ * Valid ANSI color sequences are of the form ++ * ++ * ESC [ [ [; ]*] m ++ */ ++ ++ if (allow_control_characters != ALLOW_ANSI_COLOR_SEQUENCES || ++ n < 3 || src[0] != '\x1b' || src[1] != '[') ++ return 0; ++ ++ for (i = 2; i < n; i++) { ++ if (src[i] == 'm') { ++ strbuf_add(dest, src, i + 1); ++ return i; ++ } ++ if (!isdigit(src[i]) && src[i] != ';') ++ break; ++ } ++ ++ return 0; ++} ++ ++static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n) ++{ ++ int i; ++ ++ if (allow_control_characters == ALLOW_ALL_CONTROL_CHARACTERS) { ++ strbuf_add(dest, src, n); ++ return; ++ } ++ ++ strbuf_grow(dest, n); ++ for (; n && *src; src++, n--) { ++ 
if (!iscntrl(*src) || *src == '\t' || *src == '\n') ++ strbuf_addch(dest, *src); ++ else if ((i = handle_ansi_color_sequence(dest, src, n))) { ++ src += i; ++ n -= i; ++ } else { ++ strbuf_addch(dest, '^'); ++ strbuf_addch(dest, 0x40 + *src); ++ } ++ } ++} ++ + /* + * Optionally highlight one keyword in remote output if it appears at the start + * of the line. This should be called for a single line only, which is +@@ -81,7 +155,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n) + int i; + + if (!want_color_stderr(use_sideband_colors())) { +- strbuf_add(dest, src, n); ++ strbuf_add_sanitized(dest, src, n); + return; + } + +@@ -114,7 +188,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n) + } + } + +- strbuf_add(dest, src, n); ++ strbuf_add_sanitized(dest, src, n); + } + + +diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh +index fa5de4500a..2d40d8c640 100755 +--- a/t/t5409-colorize-remote-messages.sh ++++ b/t/t5409-colorize-remote-messages.sh +@@ -98,4 +98,35 @@ test_expect_success 'fallback to color.ui' ' + grep "error: error" decoded + ' + ++test_expect_success 'disallow (color) control sequences in sideband' ' ++ write_script .git/color-me-surprised <<-\EOF && ++ printf "error: Have you \\033[31mread\\033[m this?\\a\\n" >&2 ++ exec "$@" ++ EOF ++ test_config_global uploadPack.packObjectshook ./color-me-surprised && ++ test_commit need-at-least-one-commit && ++ ++ git -c sideband.allowControlCharacters=color \ ++ clone --no-local . throw-away 2>stderr && ++ test_decode_color decoded && ++ test_grep RED decoded && ++ test_grep "\\^G" stderr && ++ tr -dc "\\007" actual && ++ test_must_be_empty actual && ++ ++ rm -rf throw-away && ++ git -c sideband.allowControlCharacters=false \ ++ clone --no-local . throw-away 2>stderr && ++ test_decode_color decoded && ++ test_grep ! 
RED decoded && ++ test_grep "\\^G" stderr && ++ ++ rm -rf throw-away && ++ git -c sideband.allowControlCharacters clone --no-local . throw-away 2>stderr && ++ test_decode_color decoded && ++ test_grep RED decoded && ++ tr -dc "\\007" actual && ++ test_file_not_empty actual ++' ++ + test_done +-- +2.50.1 + diff --git a/git.spec b/git.spec index d19d51f..ec36e59 100644 --- a/git.spec +++ b/git.spec @@ -78,8 +78,8 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.50.1 -Release: 2%{?dist} +Version: 2.51.0 +Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -137,7 +137,7 @@ Patch5: git-test-apache-davlockdbtype-config.patch # The default behaviour of Git remains unchanged. # # https://github.com/gitgitgadget/git/pull/1853 -Patch6: git-2.49-sanitize-sideband-channel-messages.patch +Patch6: git-2.51-sanitize-sideband-channel-messages.patch %if %{with docs} # pod2man is needed to build Git.3pm @@ -740,13 +740,6 @@ mkdir -p %{buildroot}%{_datadir}/git-core/contrib/completion install -pm 644 contrib/completion/git-completion.tcsh \ %{buildroot}%{_datadir}/git-core/contrib/completion/ -# Move contrib/hooks out of %%docdir -mkdir -p %{buildroot}%{_datadir}/git-core/contrib -mv contrib/hooks %{buildroot}%{_datadir}/git-core/contrib -pushd contrib > /dev/null -ln -s ../../../git-core/contrib/hooks -popd > /dev/null - # Install git-prompt.sh mkdir -p %{buildroot}%{_datadir}/git-core/contrib/completion install -pm 644 contrib/completion/git-prompt.sh \ 
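Review bot: In the embedded sideband.c change, `strbuf_add_sanitized` renders a masked byte with `strbuf_addch(dest, 0x40 + *src);`, which is only correct for 0x01–0x1f. If the `iscntrl()` in use also classifies DEL (0x7f) as a control character, that byte is emitted as `^` followed by 0xbf, a stray high-bit byte on the terminal, instead of the conventional `^?`. `strbuf_addch(dest, *src ^ 0x40);` produces the same output for the C0 range and `^?` for DEL. The added t5409 case only exercises `\a`, so a DEL byte under `sideband.allowControlCharacters=false` would be worth adding to pin this.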
@@ -936,11 +929,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %files -f bin-man-doc-git-files %{_datadir}/git-core/contrib/diff-highlight -%{_datadir}/git-core/contrib/hooks/update-paranoid -%{_datadir}/git-core/contrib/hooks/setgitperms.perl -%{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample -%{_datadir}/git-core/templates/hooks/pre-rebase.sample -%{_datadir}/git-core/templates/hooks/prepare-commit-msg.sample %files all # No files for you! @@ -952,11 +940,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %license COPYING # exclude is best way here because of troubles with symlinks inside git-core/ %exclude %{_datadir}/git-core/contrib/diff-highlight -%exclude %{_datadir}/git-core/contrib/hooks/update-paranoid -%exclude %{_datadir}/git-core/contrib/hooks/setgitperms.perl -%exclude %{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample -%exclude %{_datadir}/git-core/templates/hooks/pre-rebase.sample -%exclude %{_datadir}/git-core/templates/hooks/prepare-commit-msg.sample %{bash_completions_dir}/git %{_datadir}/git-core/ @@ -966,7 +949,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %exclude %{_pkgdocdir}/contrib/*/*.py[co] %endif # endif rhel <= 7 -%{_pkgdocdir}/contrib/hooks %if %{with libsecret} %files credential-libsecret @@ -1063,6 +1045,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Wed Aug 20 2025 Ondřej Pohořelský - 2.51.0-1 +- update to 2.51.0 + * Wed Jul 23 2025 Fedora Release Engineering - 2.50.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild diff --git a/sources b/sources index 8e5e30a..9d8afae 100644 --- a/sources +++ b/sources 
@@ -1,2 +1,2 @@ -SHA512 (git-2.50.1.tar.xz) = 09f37290c0d4d074b97363f4a4be1813426e93ac3fa993c4d671bb1462bcc9335713c17d1442196a35205a603eeb052662382935d27498875a251f4fe86f6b36 -SHA512 (git-2.50.1.tar.sign) = f03a588b4108a2f0eae949d8870a3f16da18dfdf23de547aeaa25cdbccf668cfe89d49bbfb3869571b261738482f32002d83b2760415d4c04a0285273b18e828 +SHA512 (git-2.51.0.tar.xz) = 2b8c59589266c0c9e58a9f4fda4a970a8a492e2e0ecbafc414fcfacac4a04251f0115b3676f4599a415b53906f1dea312b18a42e9bde455286abd62ec327beaf +SHA512 (git-2.51.0.tar.sign) = 1fb0d30fb68227ec8a13364b07c3d4468269a2912a746d75704146690115cd9e13c41be4e6e97f65fc5fce40f433456a5e2529f28fe04d6280557970189ac135 From 4cf7527c991233a0316fdbe4cfd60bbc84e0b859 Mon Sep 17 00:00:00 2001 From: Yanko Kaneti Date: Thu, 21 Aug 2025 16:46:57 +0300 Subject: [PATCH 13/22] Gitk can now work with tcl/tk 9 --- git.spec | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/git.spec b/git.spec index ec36e59..1e420f8 100644 --- a/git.spec +++ b/git.spec @@ -436,9 +436,7 @@ Summary: Git repository browser BuildArch: noarch Requires: git = %{version}-%{release} Requires: git-gui = %{version}-%{release} -# Keep gitk on tcl/tk 8.x until its ready for 9 (also see below in config.mk) -# https://github.com/j6t/gitk/issues/5 -Requires: tk8 >= 8.4 +Requires: tk %description -n gitk %{summary}. @@ -596,10 +594,6 @@ gitwebdir = %{_localstatedir}/www/git DEFAULT_TEST_TARGET = prove GIT_PROVE_OPTS = --verbose --normalize %{?_smp_mflags} --formatter=TAP::Formatter::File GIT_TEST_OPTS = -x --verbose-log - -# Keep gitk on tcl/tk 8.x until its ready for 9 (see more above in gitk requires) -TCLTK_PATH = wish8 -TCL_PATH = tclsh8 EOF # Filter bogus perl requires From b54c829dee53d0535769196e6f834ab12e249f76 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Thu, 21 Aug 2025 18:33:27 +0200 Subject: [PATCH 14/22] exclude sample hook files from automatic dependency detection --- git.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/git.spec b/git.spec index 02145da..b8020bb 100644 --- a/git.spec +++ b/git.spec @@ -79,7 +79,7 @@ Name: git Version: 2.51.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -604,6 +604,9 @@ EOF %endif # endif ! defined perl_bootstrap +# Exclude sample hook files from automatic dependency detection +%global __requires_exclude_from ^%{_datadir}/git-core/templates/hooks/.*sample$ + # Remove Git::LoadCPAN to ensure we use only system perl modules. This also # allows the dependencies to be automatically processed by rpm. rm -rf perl/Git/LoadCPAN{.pm,/} @@ -1038,6 +1041,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Aug 21 2025 Ondřej Pohořelský - 2.51.0-2 +- exclude sample hook files from automatic dependency detection + * Wed Aug 20 2025 Ondřej Pohořelský - 2.51.0-1 - update to 2.51.0 From 8e9df669b84ad39bdefbb31dabfac3b4fa09ab4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Thu, 21 Aug 2025 18:33:27 +0200 Subject: [PATCH 15/22] exclude sample hook files from automatic dependency detection --- git.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/git.spec b/git.spec index 1e420f8..7111a62 100644 --- a/git.spec +++ b/git.spec @@ -79,7 +79,7 @@ Name: git Version: 2.51.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ 
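Review bot: The added `%global __requires_exclude_from` assigns the macro outright, so any value set earlier in the spec would be replaced rather than extended. The hunk follows the `%endif # endif ! defined perl_bootstrap` block, whose body is outside the hunk, so whether a filter macro there already defines it cannot be seen from here. Appending keeps both: `%global __requires_exclude_from %{?__requires_exclude_from:%__requires_exclude_from|}^%{_datadir}/git-core/templates/hooks/.*\\.sample$`, which also matches a literal `.sample` suffix rather than any name ending in `sample`. The comment restates the macro and would be more useful if it named the generated dependency that the sample hooks were pulling in. The same hunk appears again in PATCH 15/22.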
@@ -605,6 +605,9 @@ EOF %endif # endif ! defined perl_bootstrap +# Exclude sample hook files from automatic dependency detection +%global __requires_exclude_from ^%{_datadir}/git-core/templates/hooks/.*sample$ + # Remove Git::LoadCPAN to ensure we use only system perl modules. This also # allows the dependencies to be automatically processed by rpm. rm -rf perl/Git/LoadCPAN{.pm,/} @@ -1039,6 +1042,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Aug 21 2025 Ondřej Pohořelský - 2.51.0-2 +- exclude sample hook files from automatic dependency detection + * Wed Aug 20 2025 Ondřej Pohořelský - 2.51.0-1 - update to 2.51.0 From ba249bb3a1b6ce3fa8636a5ea71ae0a1d41ac58c Mon Sep 17 00:00:00 2001 From: Yaakov Selkowitz Date: Sun, 12 Oct 2025 18:21:23 -0400 Subject: [PATCH 16/22] Revbump for tcl/tk 9 Currently, the rawhide and f43 branches both have -2, but the tcl/tk 9 change is only on rawhide. --- git.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/git.spec b/git.spec index 7111a62..e337059 100644 --- a/git.spec +++ b/git.spec @@ -79,7 +79,7 @@ Name: git Version: 2.51.0 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -1042,6 +1042,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Sun Oct 12 2025 Yaakov Selkowitz - 2.51.0-3 +- Revbump for tcl/tk 9 + * Thu Aug 21 2025 Ondřej Pohořelský - 2.51.0-2 - exclude sample hook files from automatic dependency detection From 8f542b0496a06ad6fed89e53c4d2e2a33ffe97c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Thu, 23 Oct 2025 09:34:39 +0200 Subject: [PATCH 17/22] update to 2.51.1 --- git.spec | 7 +++++-- sources | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) 
diff --git a/git.spec b/git.spec index e337059..37c2a53 100644 --- a/git.spec +++ b/git.spec @@ -78,8 +78,8 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.51.0 -Release: 3%{?dist} +Version: 2.51.1 +Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -1042,6 +1042,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Oct 23 2025 Ondřej Pohořelský - 2.51.1-1 +- update to 2.51.1 + * Sun Oct 12 2025 Yaakov Selkowitz - 2.51.0-3 - Revbump for tcl/tk 9 diff --git a/sources b/sources index 9d8afae..2fe883b 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.51.0.tar.xz) = 2b8c59589266c0c9e58a9f4fda4a970a8a492e2e0ecbafc414fcfacac4a04251f0115b3676f4599a415b53906f1dea312b18a42e9bde455286abd62ec327beaf -SHA512 (git-2.51.0.tar.sign) = 1fb0d30fb68227ec8a13364b07c3d4468269a2912a746d75704146690115cd9e13c41be4e6e97f65fc5fce40f433456a5e2529f28fe04d6280557970189ac135 +SHA512 (git-2.51.1.tar.xz) = bc22d26bbfad4a549d2fb6bed11eb019c2dee607c86bf8faaa986774e526e5b367d80c9a79ab50358624634d840e8e0d27e0b46411d1aabbf76728b7a7f138dd +SHA512 (git-2.51.1.tar.sign) = b22a9ab0db57e00203181ee0138350b0dd7239b68f5ed5c1f2acfcf5f56993f0937150d3d74c27e2fdf6e6daa8eccc682353c957f9dbdd0d2dcbd870b5022aca From 14642cc6817d8814f2f6c670b3bf3b72e557967b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Thu, 23 Oct 2025 09:34:39 +0200 Subject: [PATCH 18/22] update to 2.51.1 --- git.spec | 7 +++++-- sources | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/git.spec b/git.spec index b8020bb..9dd38e0 100644 --- a/git.spec +++ b/git.spec 
@@ -78,8 +78,8 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.51.0 -Release: 2%{?dist} +Version: 2.51.1 +Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT URL: https://git-scm.com/ @@ -1041,6 +1041,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Oct 23 2025 Ondřej Pohořelský - 2.51.1-1 +- update to 2.51.1 + * Thu Aug 21 2025 Ondřej Pohořelský - 2.51.0-2 - exclude sample hook files from automatic dependency detection diff --git a/sources b/sources index 9d8afae..2fe883b 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.51.0.tar.xz) = 2b8c59589266c0c9e58a9f4fda4a970a8a492e2e0ecbafc414fcfacac4a04251f0115b3676f4599a415b53906f1dea312b18a42e9bde455286abd62ec327beaf -SHA512 (git-2.51.0.tar.sign) = 1fb0d30fb68227ec8a13364b07c3d4468269a2912a746d75704146690115cd9e13c41be4e6e97f65fc5fce40f433456a5e2529f28fe04d6280557970189ac135 +SHA512 (git-2.51.1.tar.xz) = bc22d26bbfad4a549d2fb6bed11eb019c2dee607c86bf8faaa986774e526e5b367d80c9a79ab50358624634d840e8e0d27e0b46411d1aabbf76728b7a7f138dd +SHA512 (git-2.51.1.tar.sign) = b22a9ab0db57e00203181ee0138350b0dd7239b68f5ed5c1f2acfcf5f56993f0937150d3d74c27e2fdf6e6daa8eccc682353c957f9dbdd0d2dcbd870b5022aca From 6c89b0ef9df4c8238b1062f52fb4bbd0e06f5cf0 Mon Sep 17 00:00:00 2001 From: Yaakov Selkowitz Date: Mon, 17 Nov 2025 11:55:29 -0500 Subject: [PATCH 19/22] Build with highlight on all arches on EL8+ While highlight was only built/shipped on some arches in RHEL 7 Optional, as of RHEL 8 it is built on all arches (albeit not shipped as of 10). --- git.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git.spec b/git.spec index 37c2a53..f634419 100644 --- a/git.spec +++ b/git.spec 
@@ -232,7 +232,7 @@ BuildRequires: glibc-langpack-is BuildRequires: gnupg2-smime %endif # endif fedora or el >= 9 -%if 0%{?fedora} || ( 0%{?rhel} >= 7 && ( "%{_arch}" == "ppc64le" || "%{_arch}" == "x86_64" ) ) +%if 0%{?fedora} || 0%{?rhel} >= 8 || ( 0%{?rhel} == 7 && ( "%{_arch}" == "ppc64le" || "%{_arch}" == "x86_64" ) ) BuildRequires: highlight %endif # endif fedora or el7+ (ppc64le/x86_64) From c488c27117d176c90e836715aed9947b2e3e6799 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Thu, 20 Nov 2025 13:40:48 +0100 Subject: [PATCH 20/22] update to 2.52.0 --- ...2-sanitize-sideband-channel-messages.patch | 21 ++++++++++--------- git.spec | 14 ++++++++----- sources | 4 ++-- 3 files changed, 22 insertions(+), 17 deletions(-) rename git-2.51-sanitize-sideband-channel-messages.patch => git-2.52-sanitize-sideband-channel-messages.patch (94%) diff --git a/git-2.51-sanitize-sideband-channel-messages.patch b/git-2.52-sanitize-sideband-channel-messages.patch similarity index 94% rename from git-2.51-sanitize-sideband-channel-messages.patch rename to git-2.52-sanitize-sideband-channel-messages.patch index 6a31b6b..786cb39 100644 --- a/git-2.51-sanitize-sideband-channel-messages.patch +++ b/git-2.52-sanitize-sideband-channel-messages.patch @@ -1,6 +1,6 @@ -From 247950ec070cef60c45a877d24a4770991d1eefc Mon Sep 17 00:00:00 2001 +From 65e88e659008e2cbf79cf44975406ff0d569a3a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= -Date: Wed, 20 Aug 2025 09:35:47 +0200 +Date: Thu, 20 Nov 2025 12:24:59 +0100 Subject: [PATCH] sideband: mask control characters MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 @@ -78,10 +78,10 @@ Signed-off-by: Ondřej Pohořelský create mode 100644 Documentation/config/sideband.adoc diff --git a/Documentation/config.adoc b/Documentation/config.adoc -index cc769251be..a8b04c4e51 100644 +index 62eebe7c54..dcea3c0c15 100644 --- a/Documentation/config.adoc 
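Review bot: The trailing comment `# endif fedora or el7+ (ppc64le/x86_64)` under `BuildRequires: highlight` still describes the old condition. With the new `%if`, the arch restriction applies to RHEL 7 only, so the comment should read something like `# endif fedora or el >= 8 or el7 (ppc64le/x86_64)`.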
+++ b/Documentation/config.adoc -@@ -522,6 +522,8 @@ include::config/sequencer.adoc[] +@@ -523,6 +523,8 @@ include::config/sequencer.adoc[] include::config/showbranch.adoc[] @@ -92,7 +92,7 @@ index cc769251be..a8b04c4e51 100644 include::config/splitindex.adoc[] diff --git a/Documentation/config/sideband.adoc b/Documentation/config/sideband.adoc new file mode 100644 -index 0000000000..a809e2de89 +index 0000000000..c9ba24a02c --- /dev/null +++ b/Documentation/config/sideband.adoc @@ -0,0 +1,16 @@ @@ -112,8 +112,9 @@ index 0000000000..a809e2de89 + Allow all control characters to be sent to the terminal. + This is the default. +-- +\ No newline at end of file diff --git a/sideband.c b/sideband.c -index 8f15b98a65..461eea0a51 100644 +index ea7c25211e..88d1b44a7a 100644 --- a/sideband.c +++ b/sideband.c @@ -26,6 +26,12 @@ static struct keyword_entry keywords[] = { @@ -127,10 +128,10 @@ index 8f15b98a65..461eea0a51 100644 +} allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS; + /* Returns a color setting (GIT_COLOR_NEVER, etc). */ - static int use_sideband_colors(void) + static enum git_colorbool use_sideband_colors(void) { -@@ -39,6 +45,25 @@ static int use_sideband_colors(void) - if (use_sideband_colors_cached >= 0) +@@ -39,6 +45,25 @@ static enum git_colorbool use_sideband_colors(void) + if (use_sideband_colors_cached != GIT_COLOR_UNKNOWN) return use_sideband_colors_cached; + switch (repo_config_get_maybe_bool(the_repository, "sideband.allowcontrolcharacters", &i)) { @@ -270,5 +271,5 @@ index fa5de4500a..2d40d8c640 100755 + test_done -- -2.50.1 +2.51.1 diff --git a/git.spec b/git.spec index f634419..df511dc 100644 --- a/git.spec +++ b/git.spec 
@@ -78,7 +78,7 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.51.1 +Version: 2.52.0 Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT @@ -137,7 +137,7 @@ Patch5: git-test-apache-davlockdbtype-config.patch # The default behaviour of Git remains unchanged. # # https://github.com/gitgitgadget/git/pull/1853 -Patch6: git-2.51-sanitize-sideband-channel-messages.patch +Patch6: git-2.52-sanitize-sideband-channel-messages.patch %if %{with docs} # pod2man is needed to build Git.3pm @@ -875,10 +875,11 @@ GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5300.1[02348] t5300.2[03459] t5300.30 t5300.4[5 # Skip tests which fail on s390x # # The following tests are failing on s390x. -# https://lore.kernel.org/git/Z8dIZmscTdi8dZAY@teonanacatl.net/ +# https://lore.kernel.org/git/4dc4c8cd-c0cc-4784-8fcf-defa3a051087@mit.edu/ # -# t5620.4 'do partial clone 2, backfill min batch size' -GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5620.4" +# t8020.16 'cross merge boundaries in blaming' +# t8020.19 'last-modified merge undoes changes' +GIT_SKIP_TESTS="$GIT_SKIP_TESTS t8020.16 t8020.19" %endif # endif "%{_arch}" == "s390x" export GIT_SKIP_TESTS @@ -1042,6 +1043,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Nov 20 2025 Ondřej Pohořelský - 2.52.0-1 +- update to 2.52.0 + * Thu Oct 23 2025 Ondřej Pohořelský - 2.51.1-1 - update to 2.51.1 diff --git a/sources b/sources index 2fe883b..4a04f56 100644 --- a/sources +++ b/sources 
@@ -1,2 +1,2 @@ -SHA512 (git-2.51.1.tar.xz) = bc22d26bbfad4a549d2fb6bed11eb019c2dee607c86bf8faaa986774e526e5b367d80c9a79ab50358624634d840e8e0d27e0b46411d1aabbf76728b7a7f138dd -SHA512 (git-2.51.1.tar.sign) = b22a9ab0db57e00203181ee0138350b0dd7239b68f5ed5c1f2acfcf5f56993f0937150d3d74c27e2fdf6e6daa8eccc682353c957f9dbdd0d2dcbd870b5022aca +SHA512 (git-2.52.0.tar.xz) = 965e5ebb72d1f080d64e34bdb75f0bb1689c9dd41dcf63b020d986bad49808ac09bfb1115962bc0c5b95bac8622367ac4cd09aa89266f73d2137fe94c90dd3ed +SHA512 (git-2.52.0.tar.sign) = a5a68ce131a5763650c477ec01a4de958dd6a946bdea0f613e26bdab41d2df6b3ca63f9028bbe603bf0c834bd415c86e6c616b1ff08cc48aa7c3c61a37b24b74 From 890891525bac71df6ecbeec6e378df41dcfac911 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Thu, 20 Nov 2025 13:40:48 +0100 Subject: [PATCH 21/22] update to 2.52.0 --- git.spec | 12 ++++++++---- sources | 4 ++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/git.spec b/git.spec index 9dd38e0..42b940f 100644 --- a/git.spec +++ b/git.spec @@ -78,7 +78,7 @@ %global _package_note_file %{_builddir}/%{name}-%{real_version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld Name: git -Version: 2.51.1 +Version: 2.52.0 Release: 1%{?dist} Summary: Fast Version Control System License: BSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIT 
@@ -874,10 +874,11 @@ GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5300.1[02348] t5300.2[03459] t5300.30 t5300.4[5 # Skip tests which fail on s390x # # The following tests are failing on s390x. -# https://lore.kernel.org/git/Z8dIZmscTdi8dZAY@teonanacatl.net/ +# https://lore.kernel.org/git/4dc4c8cd-c0cc-4784-8fcf-defa3a051087@mit.edu/ # -# t5620.4 'do partial clone 2, backfill min batch size' -GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5620.4" +# t8020.16 'cross merge boundaries in blaming' +# t8020.19 'last-modified merge undoes changes' +GIT_SKIP_TESTS="$GIT_SKIP_TESTS t8020.16 t8020.19" %endif # endif "%{_arch}" == "s390x" export GIT_SKIP_TESTS @@ -1041,6 +1042,9 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog +* Thu Nov 20 2025 Ondřej Pohořelský - 2.52.0-1 +- update to 2.52.0 + * Thu Oct 23 2025 Ondřej Pohořelský - 2.51.1-1 - update to 2.51.1 diff --git a/sources b/sources index 2fe883b..4a04f56 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (git-2.51.1.tar.xz) = bc22d26bbfad4a549d2fb6bed11eb019c2dee607c86bf8faaa986774e526e5b367d80c9a79ab50358624634d840e8e0d27e0b46411d1aabbf76728b7a7f138dd -SHA512 (git-2.51.1.tar.sign) = b22a9ab0db57e00203181ee0138350b0dd7239b68f5ed5c1f2acfcf5f56993f0937150d3d74c27e2fdf6e6daa8eccc682353c957f9dbdd0d2dcbd870b5022aca +SHA512 (git-2.52.0.tar.xz) = 965e5ebb72d1f080d64e34bdb75f0bb1689c9dd41dcf63b020d986bad49808ac09bfb1115962bc0c5b95bac8622367ac4cd09aa89266f73d2137fe94c90dd3ed +SHA512 (git-2.52.0.tar.sign) = a5a68ce131a5763650c477ec01a4de958dd6a946bdea0f613e26bdab41d2df6b3ca63f9028bbe603bf0c834bd415c86e6c616b1ff08cc48aa7c3c61a37b24b74 From da35363f19a689204ff3af77b85869ae857346b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= Date: Fri, 12 Dec 2025 13:32:24 +0100 Subject: [PATCH 22/22] remove unused buildrequires --- git.spec | 2 -- 1 file changed, 2 deletions(-) diff --git a/git.spec b/git.spec index df511dc..49c55d0 100644 --- a/git.spec +++ b/git.spec 
@@ -149,7 +149,6 @@ BuildRequires: rubygem-asciidoctor BuildRequires: asciidoc >= 8.4.1 %endif # endif with asciidoctor -BuildRequires: perl(File::Compare) BuildRequires: xmlto %if %{with linkcheck} BuildRequires: linkchecker @@ -179,7 +178,6 @@ BuildRequires: openssl-devel BuildRequires: pcre2-devel BuildRequires: perl(Error) BuildRequires: perl(lib) -BuildRequires: perl(Test) %if %{use_perl_generators} BuildRequires: perl-generators %endif