]> git.ipfire.org Git - thirdparty/git.git/commitdiff
projects / thirdparty / git.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 0227130 bffc762)
Merge branch 'tb/clone-local-symlinks' into maint-2.30
authorTaylor Blau <me@ttaylorr.com>
Wed, 25 Jan 2023 19:58:38 +0000 (14:58 -0500)
committerJohannes Schindelin <johannes.schindelin@gmx.de>
Mon, 6 Feb 2023 08:09:14 +0000 (09:09 +0100)
Resolve a security vulnerability (CVE-2023-22490) where `clone_local()`
is used in conjunction with non-local transports, leading to arbitrary
path exfiltration.

* tb/clone-local-symlinks:
  dir-iterator: prevent top-level symlinks without FOLLOW_SYMLINKS
  clone: delay picking a transport until after get_repo_path()
  t5619: demonstrate clone_local() with ambiguous transport


Trivial merge
Unnamed repository; edit this file 'description' to name the repository.