Skip to content

Commit c42c0f1

Browse files
gitstergitster
committed
Git 2.17.4
Signed-off-by: Junio C Hamano <gitster@pobox.com>
1 parent 07259e7 commit c42c0f1

File tree

3 files changed

+18
-2
lines changed

3 files changed

+18
-2
lines changed

Documentation/RelNotes/2.17.4.txt

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
Git v2.17.4 Release Notes
2+
=========================
3+
4+
This release is to address the security issue: CVE-2020-5260
5+
6+
Fixes since v2.17.3
7+
-------------------
8+
9+
* With a crafted URL that contains a newline in it, the credential
10+
helper machinery can be fooled to give credential information for
11+
a wrong host. The attack has been made impossible by forbidding
12+
a newline character in any value passed via the credential
13+
protocol.
14+
15+
Credit for finding the vulnerability goes to Felix Wilhelm of Google
16+
Project Zero.

GIT-VERSION-GEN

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
#!/bin/sh
22

33
GVF=GIT-VERSION-FILE
4-
DEF_VER=v2.17.3
4+
DEF_VER=v2.17.4
55

66
LF='
77
'

RelNotes

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
Documentation/RelNotes/2.17.3.txt
1+
Documentation/RelNotes/2.17.4.txt

0 commit comments

Comments
 (0)