[thirdparty/git.git] / Documentation / RelNotes / 2.30.8.txt

Git v2.30.8 Release Notes
=========================

This release addresses the security issues CVE-2023-22490 and
CVE-2023-23946.


Fixes since v2.30.7
-------------------

 * CVE-2023-22490:

   Using a specially-crafted repository, Git can be tricked into using
   its local clone optimization even when using a non-local transport.
   Though Git will abort local clones whose source $GIT_DIR/objects
   directory contains symbolic links (c.f., CVE-2022-39253), the objects
   directory itself may still be a symbolic link.

   These two may be combined to include arbitrary files based on known
   paths on the victim's filesystem within the malicious repository's
   working copy, allowing for data exfiltration in a similar manner as
   CVE-2022-39253.

 * CVE-2023-23946:

   By feeding a crafted input to "git apply", a path outside the
   working tree can be overwritten as the user who is running "git
   apply".

 * A mismatched type in `attr.c::read_attr_from_index()` which could
   cause Git to errantly reject attributes on Windows and 32-bit Linux
   has been corrected.

Credit for finding CVE-2023-22490 goes to yvvdwf, and the fix was
developed by Taylor Blau, with additional help from others on the
Git security mailing list.

Credit for finding CVE-2023-23946 goes to Joern Schneeweisz, and the
fix was developed by Patrick Steinhardt.


Johannes Schindelin (1):
      attr: adjust a mismatched data type

Patrick Steinhardt (1):
      apply: fix writing behind newly created symbolic links

Taylor Blau (3):
      t5619: demonstrate clone_local() with ambiguous transport
      clone: delay picking a transport until after get_repo_path()
      dir-iterator: prevent top-level symlinks without FOLLOW_SYMLINKS
Commit	Line	Data
394a759d JH	1	Git v2.30.8 Release Notes
	2	=========================
	3
	4	This release addresses the security issues CVE-2023-22490 and
	5	CVE-2023-23946.
	6
	7
	8	Fixes since v2.30.7
	9	-------------------
	10
	11	* CVE-2023-22490:
	12
	13	Using a specially-crafted repository, Git can be tricked into using
	14	its local clone optimization even when using a non-local transport.
	15	Though Git will abort local clones whose source $GIT_DIR/objects
	16	directory contains symbolic links (c.f., CVE-2022-39253), the objects
	17	directory itself may still be a symbolic link.
	18
	19	These two may be combined to include arbitrary files based on known
	20	paths on the victim's filesystem within the malicious repository's
	21	working copy, allowing for data exfiltration in a similar manner as
	22	CVE-2022-39253.
	23
	24	* CVE-2023-23946:
	25
	26	By feeding a crafted input to "git apply", a path outside the
	27	working tree can be overwritten as the user who is running "git
	28	apply".
	29
	30	* A mismatched type in `attr.c::read_attr_from_index()` which could
	31	cause Git to errantly reject attributes on Windows and 32-bit Linux
	32	has been corrected.
	33
	34	Credit for finding CVE-2023-22490 goes to yvvdwf, and the fix was
	35	developed by Taylor Blau, with additional help from others on the
	36	Git security mailing list.
	37
	38	Credit for finding CVE-2023-23946 goes to Joern Schneeweisz, and the
	39	fix was developed by Patrick Steinhardt.
	40
	41
	42	Johannes Schindelin (1):
	43	attr: adjust a mismatched data type
	44
	45	Patrick Steinhardt (1):
	46	apply: fix writing behind newly created symbolic links
	47
	48	Taylor Blau (3):
	49	t5619: demonstrate clone_local() with ambiguous transport
	50	clone: delay picking a transport until after get_repo_path()
	51	dir-iterator: prevent top-level symlinks without FOLLOW_SYMLINKS