]> git.ipfire.org Git - thirdparty/git.git/blob - Documentation/RelNotes/2.30.3.txt
projects / thirdparty / git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
setup: opt-out of check with safe.directory=*
[thirdparty/git.git] / Documentation / RelNotes / 2.30.3.txt
1 Git v2.30.2 Release Notes
2 =========================
3
4 This release addresses the security issue CVE-2022-24765.
5
6 Fixes since v2.30.2
7 -------------------
8
9 * Build fix on Windows.
10
11 * Fix `GIT_CEILING_DIRECTORIES` with Windows-style root directories.
12
13 * CVE-2022-24765:
14 On multi-user machines, Git users might find themselves
15 unexpectedly in a Git worktree, e.g. when another user created a
16 repository in `C:\.git`, in a mounted network drive or in a
17 scratch space. Merely having a Git-aware prompt that runs `git
18 status` (or `git diff`) and navigating to a directory which is
19 supposedly not a Git worktree, or opening such a directory in an
20 editor or IDE such as VS Code or Atom, will potentially run
21 commands defined by that other user.
22
23 Credit for finding this vulnerability goes to 俞晨东; The fix was
24 authored by Johannes Schindelin.
Unnamed repository; edit this file 'description' to name the repository.