]>
Commit | Line | Data |
---|---|---|
1 | Git v2.5.4 Release Notes | |
2 | ======================== | |
3 | ||
4 | Fixes since v2.5.4 | |
5 | ------------------ | |
6 | ||
7 | * xdiff code we use to generate diffs is not prepared to handle | |
8 | extremely large files. It uses "int" in many places, which can | |
9 | overflow if we have a very large number of lines or even bytes in | |
10 | our input files, for example. Cap the input size to somewhere | |
11 | around 1GB for now. | |
12 | ||
13 | * Some protocols (like git-remote-ext) can execute arbitrary code | |
14 | found in the URL. The URLs that submodules use may come from | |
15 | arbitrary sources (e.g., .gitmodules files in a remote | |
16 | repository), and can hurt those who blindly enable recursive | |
17 | fetch. Restrict the allowed protocols to well known and safe | |
18 | ones. |