Package "git-cvs"

Name:	git-cvs
Description:	fast, scalable, distributed revision control system (cvs interoperability)
Latest version:	1:2.17.1-1ubuntu0.18
Release:	bionic (18.04)
Level:	updates
Repository:	universe
Head package:	git
Homepage:	https://git-scm.com/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "git-cvs"

All arch deb package

APT INSTALL

Other versions of "git-cvs" in Bionic

Repository	Area	Version
base	universe	1:2.17.0-1ubuntu1
security	universe	1:2.17.1-1ubuntu0.18

Changelog

Version: 1:2.17.1-1ubuntu0.18 2023-05-03 11:07:21 UTC

git (1:2.17.1-1ubuntu0.18) bionic-security; urgency=medium * SECURITY UPDATE: Overwriting path - debian/patches/CVE-2023_25652_25815_29007/0022-*.patch: apply --reject overwriting existing .rej symlink if it exists in apply.c, t/t4115-apply-symlink.sh. - CVE-2023-25652 * SECURITY UPDATE: Malicious placement of crafted messages - debian/patches/CVE-2023_25652_25815_29007/0024-*patch: avoid using gettext if the locale dir is not present in gettext.c. - CVE-2023-25815 * SECURITY UPDATE: Arbitrary configuration injection - debian/patches/CVE-2023_25652_25815_29007/0025-*.patch: avoid fixed-sized buffer when renaming/deleting a section in config.c. - debian/patches/CVE-2023_25652_25815_29007/0026-*.patch: avoid integer truncation in copy_or_rename_section_in_file() in config.c. - debian/patches/CVE-2023_25652_25815_29007/0027-*.patch: disallow overly-long lines in copy_or_rename_section_in_file in config.c. - CVE-2023-29007 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 26 Apr 2023 11:14:45 -0300

Source diff to previous version

CVE-2023-25652	Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by fe
CVE-2023-29007	Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a spe

Version: 1:2.17.1-1ubuntu0.17 2023-03-02 18:06:57 UTC

git (1:2.17.1-1ubuntu0.17) bionic-security; urgency=medium * SECURITY REGRESSION: Adding missing parts of CVE-2023-22490 local repository clone when .git/objects is a symlink - debian/patches/CVE_2023_22490_and_23946/0001-dir-iterator-refactor*.patch - debian/patches/CVE_2023_22490_and_23946/0005-dir-iterator-add-flags*.patch (LP: #2008277). -- Leonidas Da Silva Barbosa <email address hidden> Mon, 27 Feb 2023 11:27:06 -0300

Source diff to previous version

CVE-2023-22490

Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7,

Version: 1:2.17.1-1ubuntu0.16 2023-02-14 22:07:12 UTC

Version: 1:2.17.1-1ubuntu0.16	2023-02-14 22:07:12 UTC
git (1:2.17.1-1ubuntu0.16) bionic-security; urgency=medium * SECURITY UPDATE: Overwritten path and using local clone optimization even when using a non-local transport - debian/patches/CVE_2023-22490_and_23946/0002-.patch: adjust a mismatch data type in attr.c. - debian/patches/CVE_2023-22490_and_23946/0003-.patch: demonstrate clone_local() with ambiguous transport in t/t5619-clone-local-ambiguous-transport.sh. - debian/patches/CVE_2023-22490_and_23946/0004-.patch: delay picking a transport until after get_repo_path() in builtin/clone.c. - debian/patches/CVE_2023-22490_and_23946/0006-.patch: fix writing behind newly created symbolic links in apply.c, t/t4115-apply-symlink.sh. - CVE-2023-22490 - CVE-2023-23946 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 08 Feb 2023 12:09:34 -0300
Source diff to previous version

git (1:2.17.1-1ubuntu0.16) bionic-security; urgency=medium * SECURITY UPDATE: Overwritten path and using local clone optimization even when using a non-local transport - debian/patches/CVE_2023-22490_and_23946/0002-*.patch: adjust a mismatch data type in attr.c. - debian/patches/CVE_2023-22490_and_23946/0003-*.patch: demonstrate clone_local() with ambiguous transport in t/t5619-clone-local-ambiguous-transport.sh. - debian/patches/CVE_2023-22490_and_23946/0004-*.patch: delay picking a transport until after get_repo_path() in builtin/clone.c. - debian/patches/CVE_2023-22490_and_23946/0006-*.patch: fix writing behind newly created symbolic links in apply.c, t/t4115-apply-symlink.sh. - CVE-2023-22490 - CVE-2023-23946 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 08 Feb 2023 12:09:34 -0300

Source diff to previous version

Version: 1:2.17.1-1ubuntu0.15	2023-01-19 19:07:28 UTC
`git (1:2.17.1-1ubuntu0.15) bionic-security; urgency=medium * SECURITY REGRESSION: Previous update was incomplete what could causes regressions - debian/patches/CVE_2022_23521_and_41903/0012-*.patch: update patch with missed parts (LP: #2003246). -- Leonidas Da Silva Barbosa <email address hidden> Thu, 19 Jan 2023 08:37:09 -0300`
Source diff to previous version

Version: 1:2.17.1-1ubuntu0.14 2023-01-17 21:07:35 UTC

Version: 1:2.17.1-1ubuntu0.14	2023-01-17 21:07:35 UTC
`git (1:2.17.1-1ubuntu0.14) bionic-security; urgency=medium * SECURITY UPDATE: Integer overflow - debian/patches/CVE_2022_23521_and_41903/00*.patch: attr.c, attr.h, pretty.c, column.c, utf8.c, utf8.h, t/t4205-log-pretty-formats.sh, t/test-lib.sh, git-compat-util.h, t/t0003-attributes.sh. - CVE-2022-23521 - CVE-2022-41903 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 12 Jan 2023 11:48:11 -0300`

git (1:2.17.1-1ubuntu0.14) bionic-security; urgency=medium * SECURITY UPDATE: Integer overflow - debian/patches/CVE_2022_23521_and_41903/00*.patch: attr.c, attr.h, pretty.c, column.c, utf8.c, utf8.h, t/t4205-log-pretty-formats.sh, t/test-lib.sh, git-compat-util.h, t/t0003-attributes.sh. - CVE-2022-23521 - CVE-2022-41903 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 12 Jan 2023 11:48:11 -0300

About - Send Feedback to @ubuntu_updates

Package "git-cvs"

Links

Download "git-cvs"

Other versions of "git-cvs" in Bionic

Changelog

Share this page

Bookmarks

Latest updates

security

proposed

updates

PPA updates