Publishing details
Changelog
git (1:2.34.1-1ubuntu1~bpo16.04.1~ppa1) xenial; urgency=medium
* Backport to xenial.
* Drop version from asciidoc build-dependency.
* Revert to debhelper 9.
git (1:2.34.1-1ubuntu1) jammy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.34.1-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.34.1.txt).
git (1:2.34.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.34.0.txt).
git (1:2.33.1-1ubuntu1) jammy; urgency=low
[ Ubuntu Merge-o-Matic ]
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.33.1-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.33.1.txt).
git (1:2.33.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.33.0.txt).
git (1:2.32.0-1ubuntu1) impish; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.32.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.32.0.txt).
git (1:2.32.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
* remove git-el package (closes: #987264, #984931). Since version
1:2.18.0~rc2-1, it only contained modules that error out with a
message pointing to other Emacs packages. Nowadays users can
use the README.emacs file from the git package for that instead.
git (1:2.32.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.32.0.txt).
git (1:2.31.1-1ubuntu1) impish; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.31.1-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.31.1.txt).
* install dashed commands to /usr/lib again (thx Sven Joachim;
closes: #985416).
git (1:2.31.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.31.0.txt).
* install dashed commands to /usr/libexec instead of /usr/lib (thx
Chris Lamb for suggesting it through lintian).
* remove compatibility code and NEWS.Debian entries that supported
upgrades from versions before 1.7.9.5 (the version in Ubuntu
12.04, which reached the end of extended security maintenance in
April, 2019).
git (1:2.30.2-1ubuntu1) hirsute; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.30.2-1) unstable; urgency=medium
* new upstream point release (see RelNotes/2.30.2.txt).
git (1:2.30.1-1ubuntu1) hirsute; urgency=medium
* Merge with Debian; remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.30.1-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.30.1.txt).
git (1:2.30.0-1ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.30.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.30.0.txt).
git (1:2.30.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.30.0~rc1-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.30.0.txt).
git (1:2.29.2-1ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.29.2-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.29.2.txt).
* debian/copyright: remove unused BSD-2-Clause text. The last part
of Git under that license was removed in v2.29.0.
git (1:2.29.1-1) unstable; urgency=low
* new upstream release (see RelNotes/2.29.0.txt).
* update debian/copyright.
* debian/control: Build-Depends: debhelper-compat (= 10)
* debian/rules: run "dh --without autoreconf" to speed up build,
since we don't use the autotools-generated configure script.
* git-el: install elisp for the "emacs" flavor, too (thx Zack Weinberg;
closes: #972871). Breaks: emacsen-common (<< 3.0.0~) to avoid
triggering on older systems where "emacs" was a virtual package.
git (1:2.28.0-1ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.28.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.28.0.txt).
git (1:2.28.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.28.0~rc1-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.28.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.28.0.txt).
git (1:2.27.0-1ubuntu1) groovy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.27.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.27.0.txt).
git (1:2.27.0~rc2-1) unstable; urgency=low
* new upstream release candidate (closes: #757402).
git (1:2.27.0~rc0-1ubuntu1) groovy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
* Drop security update patches, included upstream.
git (1:2.27.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.27.0.txt).
git (1:2.26.2-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.26.2.txt).
* Addresses the security issue CVE-2020-11008.
With a crafted URL that contains a newline or empty host, or
lacks a scheme, the credential helper machinery can be fooled
into providing credential information that is not appropriate
for the protocol in use and host being contacted.
Unlike the vulnerability fixed in 2.26.1, the credentials are
not for a host of the attacker's choosing. Instead, they are
for an unspecified host, based on how the configured
credential helper handles an absent "host" parameter.
The attack has been made impossible by refusing to work with
underspecified credential patterns.
Thanks to Carlo Arenas for reporting that Git was still
vulnerable, Felix Wilhelm for providing the proof of concept
demonstrating this issue, and Jeff King for promptly providing
a corrected fix.
Tested using the proof of concept at
https://crbug.com/project-zero/2021.
git (1:2.26.1-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.26.1.txt).
* Addresses the security issue CVE-2020-5260.
With a crafted URL that contains a newline, the credential
helper machinery can be fooled to supply credential information
for the wrong host. The attack has been made impossible by
forbidding a newline character in any value passed via the
credential protocol.
Thanks to Felix Wilhelm of Google Project Zero for finding
this vulnerability and Jeff King for fixing it.
git (1:2.26.0-2) unstable; urgency=low
* fixes to the (newly default) rebase --merge backend:
* honor GIT_REFLOG_ACTION (thx Ian Jackson and Elijah Newren;
closes: #955152).
* avoid "nothing to do" error when fast-forwarding a branch with
rebase.abbreviateCommands=true (thx Jan Alexander Steffens and
Alban Gruin).
* debian/control: downgrade Recommends by git-all on git-daemon-run
to Suggests. The git-all package is a "batteries included" full
installation of Git. Automatically running a daemon is not useful
to most of its users.
git (1:2.26.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.26.0.txt).
git (1:2.26.0~rc2-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.26.0.txt).
git (1:2.25.1-1ubuntu3) focal; urgency=medium
* SECURITY UPDATE: credential helper issue with missing host or scheme
- debian/patches/CVE-2020-11008-1.patch: make "quit" helper more
realistic in t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-2.patch: use more realistic inputs in
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-3.patch: parse URL without host as
empty host, not unset in credential.c, http.c,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-4.patch: refuse to operate when missing
host or protocol in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-5.patch: convert gitmodules url to URL
passed to curl in fsck.c, t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-6.patch: die() when parsing invalid
urls in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-11008-7.patch: treat URL without scheme as
invalid in credential.c, fsck.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-8.patch: treat URL with empty scheme as
invalid in credential.c, t/t5550-http-fetch-dumb.sh,
t/t7416-submodule-dash-url.sh.
- debian/patches/CVE-2020-11008-9.patch: reject URL with empty host in
.gitmodules in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-11008
git (1:2.25.1-1ubuntu2) focal; urgency=medium
* SECURITY UPDATE: credential helper issue with newlines in URL
- debian/patches/CVE-2020-5260-1.patch: avoid writing values with
newlines in credential.c, t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-2.patch: use test_i18ncmp to check
stderr in t/lib-credential.sh.
- debian/patches/CVE-2020-5260-3.patch: detect unrepresentable values
when parsing urls in credential.c, credential.h,
t/t0300-credentials.sh.
- debian/patches/CVE-2020-5260-4.patch: detect gitmodules URLs with
embedded newlines in fsck.c, t/t7416-submodule-dash-url.sh.
- CVE-2020-5260
git (1:2.25.1-1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.25.1-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.25.1.txt).
* update debian/copyright.
* debian/control: remove Gerrit Pape from the Maintainer field,
as requested. Thanks to Gerrit for putting together this
package in a way that has been pleasant to maintain.
* debian/rules: use "dpkg-architecture" instead of "uname -m" to
retrieve host arch. This makes the resulting "git version
--build-options" more predictable when building for i386 on an
amd64 machine (thx to Ceridwen for detecting this in reprotest).
git (1:2.25.0-1ubuntu1) focal; urgency=medium
* Resynchronise with Debian. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
- Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
git (1:2.25.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.25.0.txt).
* build against Python 3 (thx Steve Langasek, closes: #948832).
git (1:2.25.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.25.0~rc1-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.25.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.25.0.txt).
git (1:2.24.1-1) unstable; urgency=low
* update to use upstream tarball for 2.24.1.
git (1:2.24.0-2) unstable; urgency=high
* new upstream point release (see RelNotes/2.24.1.txt).
* Addresses the security issues CVE-2019-1348, CVE-2019-1349,
CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353,
CVE-2019-1354, and CVE-2019-1387.
Credit for finding these vulnerabilities goes to Microsoft
Security Response Center, in particular to Nicolas Joly. Fixes
were provided by Jeff King and Johannes Schindelin with help
from Garima Singh.
* Addresses CVE-2019-19604, arbitrary code execution via the
"update" field in .gitmodules.
Credit for finding this vulnerability goes to Joern
Schneeweisz from GitLab.
git (1:2.24.0-1ubuntu2) focal; urgency=medium
* Don't build-depend on subversion on i386, it is not reasonable to
support on the partial arch.
* Set PYTHON_PATH=/usr/bin/python2 and build-depend on python2 not python.
git (1:2.24.0-1ubuntu1) focal; urgency=medium
* Resynchronise with Debian. Remaining changes:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.24.1-1) unstable; urgency=low
* update to use upstream tarball for 2.24.1.
git (1:2.24.0-2) unstable; urgency=high
* new upstream point release (see RelNotes/2.24.1.txt).
* Addresses the security issues CVE-2019-1348, CVE-2019-1349,
CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353,
CVE-2019-1354, and CVE-2019-1387.
Credit for finding these vulnerabilities goes to Microsoft
Security Response Center, in particular to Nicolas Joly. Fixes
were provided by Jeff King and Johannes Schindelin with help
from Garima Singh.
* Addresses CVE-2019-19604, arbitrary code execution via the
"update" field in .gitmodules.
Credit for finding this vulnerability goes to Joern
Schneeweisz from GitLab.
git (1:2.24.0-1) unstable; urgency=medium
* new upstream release (see RelNotes/2.24.0.txt).
git (1:2.24.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.24.0~rc1-1) unstable; urgency=medium
* new upstream release candidate.
* test-tool: read --total as an int, not uint64 (thx John Paul Adrian
Glaubitz; closes: #942674)
git (1:2.24.0~rc0-1) unstable; urgency=medium
* new upstream release candidate (see RelNotes/2.24.0.txt).
git (1:2.23.0-1) unstable; urgency=medium
* new upstream release (see RelNotes/2.23.0.txt).
git (1:2.23.0~rc1-1) unstable; urgency=low
* new upstream release candidate.
* tests: sort output of hashmap iteration (closes: #933519)
git (1:2.23.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.23.0.txt).
git (1:2.22.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.21.0.txt, RelNotes/2.22.0.txt).
git (1:2.20.1-2ubuntu1) disco; urgency=medium
* Merge with Debian; remaining change:
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
* Dropped change:
- Build against pcre3 (pcre2 is now in main) (LP: #1792544)
git (1:2.20.1-2) unstable; urgency=low
* package git-gui: actually Suggests: meld for mergetool support;
describe what meld is used for in package description (thx Jens
Reyer; closes: #707790).
* package gitweb: Depends: libhttp-date-perl | libtime-parsedate-perl
instead of ... | libtime-modules-perl (thx gregor herrmann; closes:
#879165).
* debian/control: use https in Vcs-Browser URL.
* debian/rules: build and test quietly if DEB_BUILD_OPTIONS=terse.
* debian/control: Standards-Version: 4.3.0.1.
git (1:2.20.1-1) unstable; urgency=medium
* new upstream point release (see RelNotes/2.20.1.txt).
* package git-gui: Suggests: meld for mergetool support (thx Jens
Reyer; closes: #707790).
git (1:2.20.0-1) unstable; urgency=medium
* new upstream release (see RelNotes/2.20.0.txt).
* package git: Recommends: ca-certificates for https support (thx HJ;
closes: #915644).
git (1:2.20.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
* rebase: specify 'rebase -i' in reflog for interactive rebase
(closes: #914695).
git (1:2.20.0~rc1-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.20.0.txt).
* debian/rules: target clean: don't remove t/t4256/1/mailinfo.c.orig.
git (1:2.19.2-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.19.2.txt).
* run-command: do not fall back to cwd when command is not in $PATH.
git (1:2.19.1-1ubuntu1) cosmic; urgency=medium
* Merge with Debian; remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.19.1-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.19.1.txt,
CVE-2018-17456).
git (1:2.19.0-1ubuntu1) cosmic; urgency=medium
* Merge with Debian; remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
- Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.19.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.19.0.txt).
* debian/patches/0001-*, 0002-*: remove; applied upstream.
git (1:2.19.0~rc2-2) unstable; urgency=low
* debian/patches:
* 0001-http-backend-allow-empty-CONTENT_LENGTH: new from
upstream: http-backend: treat empty CONTENT_LENGTH as absent
(closes: #907587).
* 0002-Revert-Merge-branch-sb-submodule-core-worktree.diff: new
from upstream: stop setting and unsetting core.worktree in
submodules, since the code to do so does not handle submodules
with an embedded .git directory (thx Allan Sandfeld Jensen).
git (1:2.19.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.19.0~rc1-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.19.0.txt).
* debian/control: Standards-Version: 4.1.5.0.
git (1:2.18.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.18.0.txt).
git (1:2.18.0~rc2-2) unstable; urgency=low
* debian/control: Breaks: dgit (<< 5.1~) that lacks support
for working-tree-encoding attribute (thx Ian Jackson;
closes: #901897).
git (1:2.18.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
* debian/README.emacs: describe removed emacs support.
* debian/control: package git-el: describe transitional
modules; Recommends: elpa-magit.
git (1:2.17.1-1ubuntu2) cosmic; urgency=medium
* Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)
git (1:2.17.1-1ubuntu1) cosmic; urgency=medium
* Merge with Debian; remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
git (1:2.17.1-1) unstable; urgency=high
* new upstream point release to fix CVE-2018-11235, arbitary code
execution via submodule names in .gitmodules (see RelNotes/2.17.1.txt).
git (1:2.17.0-1ubuntu1) bionic; urgency=medium
* Merge with Debian; remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
git (1:2.17.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.17.0.txt).
* debian/rules: add NO_USE_CPAN_FALLBACKS=1 to OPTS to avoid
installing bundled copies of perl modules.
* debian/control: Build-Depends: libmailtools-perl, liberror-perl;
git-email: Depends: libmailtools-perl for Mail::Address.
git (1:2.16.3-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.16.3.txt).
git (1:2.16.2-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.16.2.txt).
* debian/control: correct spelling of openssh-client in Breaks
relation.
git (1:2.16.1-1) unstable; urgency=low
* new upstream release (see RelNotes/2.16.txt, RelNotes/2.16.1.txt).
* debian/control: Breaks: openssh-client (<< 1:6.8) since the latter
lacks support for the "-G" option (thx Bryan Turner; see
https://crbug.com/git/7).
* debian/patches/git-gui-Sort-entries-in-optimized-tclIndex.diff:
remove; applied upstream.
* debian/rules: do not install contrib/**/.gitattributes to
/usr/share/doc (thx Paul Wise and Bastien Roucaries for suggesting
it through lintian).
git (1:2.15.1-3) unstable; urgency=low
* debian/rules: remove remnants of git-core package that prevented
building twice in a row (thx Andreas Beckmann; closes: #884890).
git (1:2.15.1-2) unstable; urgency=low
* gitweb: Recommends: 'apache2 (>= 2.4.6-4~) | lynx | httpd' instead
of ... | lynx-cur | ... (thx Łukasz Zemczak; see #490265).
* debian/control: Standards-Version: 4.1.2.0.
git (1:2.15.1-1ubuntu2) bionic; urgency=medium
* debian/gitweb.apache2: use lynx instead of the deprecated transitional
lynx-cur package.
git (1:2.15.1-1ubuntu1) bionic; urgency=low
* Merge from Debian unstable. LP: #1729075.
* Remaining changes:
- debian/control: build against pcre v3 only
- debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
* Dropped changes, included upstream:
- debian/patches/git-branch-fix-regressions.patch: Fix branch renaming
not updating HEADs correctly.
- SECURITY UPDATE: Git cvsserver OS Command Injection
git (1:2.15.1-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.15.1.txt).
* debian/control: Build-Depends-Indep: asciidoc (>= 8.6.10).
* debian/control: Standards-Version: 4.1.1.1.
* debian/patches:
* Normalize-generated-asciidoc-timestamps-...diff: remove; no
longer needed (thx Anders Kaseorg; see #782294).
* git-gui-Sort-entries-in-optimized-tclIndex.diff: update to
upstream version.
git (1:2.15.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.15.0.txt).
git (1:2.15.0~rc2-1) unstable; urgency=low
* new upstream release candidate.
git (1:2.15.0~rc1-1) unstable; urgency=low
* new upstream release candidate.
* remove transitional git-core package (thx Holger Levsen;
closes: #878189).
git (1:2.15.0~rc0-1) unstable; urgency=low
* new upstream release candidate (see RelNotes/2.15.0.txt).
git (1:2.14.2-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.14.1.txt). Among other
changes, this fixes a remote shell command execution vulnerability
via CVS protocol:
- git-shell: drop cvsserver support by default
- git-cvsserver: harden backtick captures against user input
Thanks to joernchen of Phenoelit for discovering, reporting, and
fixing this vulnerability, and to Junio C Hamano and Jeff King for
the fixes to related issues.
git (1:2.14.1-3) unstable; urgency=low
* git.README.Debian: remove obsolete instructions about setting up a
server to handle rsync:// protocol.
git (1:2.14.1-2) unstable; urgency=low
* debian/control: git-daemon-sysvinit: Priority: optional.
* debian/control: clarify how to decide between git-daemon-run and
git-daemon-sysvinit in package descriptions.
* debian/control: Standards-Version: 4.0.1.0.
git (1:2.14.1-1ubuntu4) artful; urgency=high
* SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740)
- shell-drop-git-cvsserver-support-by-default.diff
- cvsserver-use-safe_pipe_capture.diff
- cvsimport-shell-quote-variable-used-in-backticks.diff
- archimport-use-safe_pipe_capture-for-user-input.diff
- CVE-2017-14867
git (1:2.14.1-1ubuntu3) artful; urgency=medium
* debian/patches/git-branch-fix-regressions.patch: Fix branch renaming
not updating HEADs correctly. Thanks to Nguyễn Thái Ngọc Duy
<email address hidden>. Closes LP: #1712694.
git (1:2.14.1-1ubuntu2) artful; urgency=medium
* Merge from debian. Remaining changes:
- debian/control: build against pcre v3 only
* debian/rules: s390x libpcre3 library has JIT disabled, set
NO_LIBPCRE1_JIT on that arch to stop the build from failing.
git (1:2.14.1-1) unstable; urgency=high
* new upstream point release to fix CVE-2017-1000117, arbitrary
code execution issues via URLs (see RelNotes/2.14.1.txt).
git (1:2.14.0-1ubuntu1) artful; urgency=medium
* Build against pcre v3 only, as that is the only on in
main. Non-deterministic builds w.r.t. library ABI dependencies are
bad.
git (1:2.14.0-1) unstable; urgency=low
* new upstream release (see RelNotes/2.14.0.txt).
* debian/patches/0001-pre-rebase-hook-capture-documentation-...diff:
remove; applied upstream.
* build against PCRE v2 if available at build time (thx to Ævar
Arnfjörð Bjarmason for the suggestion). Build-Depends:
libpcre2-dev | libpcre3-dev.
git (1:2.13.3-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.13.3.txt).
git (1:2.13.2-3) unstable; urgency=low
* remove git-arch package. It depended on GNU Arch, which has not
been maintained upstream for more than 10 years (thx Adrian
Bunk; closes: #866059).
* debian/rules: do not allow flaky git-svn tests t9128.4 or t9167.3
to cause the build to fail, either (closes: #865789).
git (1:2.13.2-2) unstable; urgency=low
* git-email: use perl in dependency instead of perl-modules (thx
Damyan Ivanov for suggesting it through lintian).
* debian/rules: do not allow flaky git-svn test t9128.3 to cause
the build to fail (closes: #865789).
git (1:2.13.2-1) unstable; urgency=low
* new upstream point release (see RelNotes/2.13.2.txt).
* git-email: Depends: perl-modules (>> 5.21.5) | libnet-smtp-ssl-perl
for starttls support instead of unconditionally requiring
Net::SMTP::SSL (thx Dennis Kaarsemaker).
* debian/rules: skip HTML documentation generation when
DEB_BUILD_OPTIONS=nodoc.
* debian/copyright: use https form of Format URL.
* debian/control: Standards-Version: 4.0.0.0.
git (1:2.13.1-1) unstable; urgency=low
* new upstream release (see RelNotes/2.12.0.txt, RelNotes/2.13.0.txt).
* debian/patches/xdiff-Do-not-enable-XDF_FAST_HASH-by-default.diff,
shell-disallow-repo-names-beginning-with-dash.patch: remove; applied
upstream.
* update debian/copyright
* debian/rules: run tests once and always produce verbose output.
git (1:2.11.0-4) unstable; urgency=low
[ Alan Jenkins ]
* git: remove Recommends: rsync (closes #862435).
* git-arch: Depends: rsync.
git (1:2.11.0-3) unstable; urgency=high
* Do not allow git helpers run via git-shell to launch a pager
(CVE-2017-8386).
git (1:2.11.0-2) unstable; urgency=medium
* gitweb: Depends: libcgi-pm-perl; Build-Depends: libcgi-pm-perl
(thx Mikko Rasa; closes: #847961).
git (1:2.11.0-1) unstable; urgency=medium
* New upstream release (see RelNotes/2.11.0.txt).
* debian/patches/git-sh-setup-Restore-sourcability-from-outside-script.diff:
remove; applied upstream.
* Replace
debian/patches/Documentation-omit-asciidoc-footer-on-generated-input.diff
with the more upstreamable
debian/patches/Normalize-generated-asciidoc-timestamps-with-SOURCE_D.diff.
* debian/patches/git-gui-Sort-entries-in-optimized-tclIndex.diff,
debian/patches/xdiff-Do-not-enable-XDL_FAST_HASH-by-default.diff:
Further improvements to build reproducibility.
git (1:2.10.2-3) unstable; urgency=medium
* debian/rules: Split override_dh_installdocs into -arch and -indep
parts. (Closes: #843393)
git (1:2.10.2-2) unstable; urgency=medium
* Add missing upstream changelog entries from v2.10.2.
* gitweb: Add version to Breaks: apache2.2-common (<< 2.3~).
* git-mediawiki: Shorten description.
* Link extra license files to common-licenses.
* Invoke dpkg-maintscript-helper dir_to_symlink correctly.
(Closes: #843011)
* debian/patches/Documentation-omit-asciidoc-footer-on-generated-input.diff:
Omit the “last updated” footer when processing asciidoc inputs that
are generated at build time. (Closes: #813912)
git (1:2.10.2-1) unstable; urgency=medium
* New upstream point release (see RelNotes/2.10.2.txt).
- imap-send: Tell cURL to use imap:// or imaps:// (Closes: #648329)
* Run asciidoc in TZ=UTC to improve the reproducibility of documentation
footer timestamps.
* debian/patches/git-sh-setup-Restore-sourcability-from-outside-script.diff:
Restore sourcability of git-sh-setup from outside scripts.
(Closes: #842477)
git (1:2.10.1-1) unstable; urgency=medium
* New upstream release (see RelNotes/2.10.0.txt, RelNotes/2.10.1.txt).
(Closes: #840800)
* debian/rules: Fix clean target to remove GIT-VERSION-FILE and
contrib/subtree build products. (Closes: #834870)
* Fix a missing reference in /usr/share/doc-base/everyday-git.
(Closes: #836516)
* Migrate patches to 3.0 (quilt) format. (Closes: #834566)
* Migrate packaging to Debhelper. (Closes: #834886)
* Replace perl-modules dependency with perl.
* git-daemon-sysvinit: Depend lsb-base (>= 3.0-6) for
/lib/lsb/init-functions.
git (1:2.9.3-1) unstable; urgency=medium
* New upstream release (see RelNotes/2.8.2.txt, RelNotes/2.8.3.txt,
RelNotes/2.9.0.txt, RelNotes/2.9.1.txt, RelNotes/2.9.2.txt,
RelNotes/2.9.3.txt).
git (1:2.8.1-1) unstable; urgency=low
* new upstream point release.
* debian/diff/0003-0007-srv-be-more-tolerant-of-broken-DNS-replies.diff:
remove.
git (1:2.8.0~rc3-1) unstable; urgency=medium
* new upstream release candidate (see RelNotes/2.8.0.txt).
* harden against on-stack and on-heap buffer overflows (CVE-2016-2324,
CVE-2016-2315; closes: #818318).
* debian/git.docs: update for README -> README.md renaming.
-- Colin Watson <email address hidden> Thu, 03 Mar 2022 18:33:33 +0000
Builds
Built packages
-
git
fast, scalable, distributed revision control system
-
git-all
fast, scalable, distributed revision control system (all subpackages)
-
git-cvs
fast, scalable, distributed revision control system (cvs interoperability)
-
git-daemon-run
fast, scalable, distributed revision control system (git-daemon service)
-
git-daemon-sysvinit
fast, scalable, distributed revision control system (git-daemon service)
-
git-doc
fast, scalable, distributed revision control system (documentation)
-
git-email
fast, scalable, distributed revision control system (email add-on)
-
git-gui
fast, scalable, distributed revision control system (GUI)
-
git-man
fast, scalable, distributed revision control system (manual pages)
-
git-mediawiki
fast, scalable, distributed revision control system (MediaWiki remote helper)
-
git-svn
fast, scalable, distributed revision control system (svn interoperability)
-
gitk
fast, scalable, distributed revision control system (revision tree visualizer)
-
gitweb
fast, scalable, distributed revision control system (web interface)
Package files