]>
Commit | Line | Data |
---|---|---|
a2558fb8 JH |
1 | Git v2.4.10 Release Notes |
2 | ========================= | |
3 | ||
4 | Fixes since v2.4.9 | |
5 | ------------------ | |
6 | ||
7 | * xdiff code we use to generate diffs is not prepared to handle | |
8 | extremely large files. It uses "int" in many places, which can | |
9 | overflow if we have a very large number of lines or even bytes in | |
2e3a16b2 | 10 | our input files, for example. Cap the input size to somewhere |
a2558fb8 JH |
11 | around 1GB for now. |
12 | ||
13 | * Some protocols (like git-remote-ext) can execute arbitrary code | |
14 | found in the URL. The URLs that submodules use may come from | |
15 | arbitrary sources (e.g., .gitmodules files in a remote | |
16 | repository), and can hurt those who blindly enable recursive | |
17 | fetch. Restrict the allowed protocols to well known and safe | |
18 | ones. |