From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer <michael.tremer@ipfire.org> To: development@lists.ipfire.org Subject: Re: [PATCH] git: update to 2.7.1 Date: Mon, 21 Mar 2016 23:30:27 +0000 Message-ID: <1458603027.30749.30.camel@ipfire.org> In-Reply-To: <1458282983-17374-1-git-send-email-marcel.lorenz@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6762541708400345295==" List-Id: <development.lists.ipfire.org> --===============6762541708400345295== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, On Fri, 2016-03-18 at 07:36 +0100, Marcel Lorenz wrote: > This patch updates git to the last version and fixes > a buffer overflow in all git versions before 2.7.1 > =C2=A0 > http://seclists.org/oss-sec/2016/q1/645 >=20 > Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org> >=20 > --- > =C2=A0config/rootfiles/packages/git | 22 +++++++++++++--------- > =C2=A0lfs/git=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0|=C2=A0=C2=A09 ++++----- > =C2=A02 files changed, 17 insertions(+), 14 deletions(-) >=20 > diff --git a/config/rootfiles/packages/git b/config/rootfiles/packages/git > index e168483..9988877 100644 > --- a/config/rootfiles/packages/git > +++ b/config/rootfiles/packages/git > @@ -6,10 +6,10 @@ usr/bin/git-upload-archive > =C2=A0usr/bin/git-upload-pack > =C2=A0#usr/bin/gitk > =C2=A0usr/lib/perl5/site_perl/5.12.3/Error.pm > -usr/lib/perl5/site_perl/5.12.3/Git > +#usr/lib/perl5/site_perl/5.12.3/Git > =C2=A0usr/lib/perl5/site_perl/5.12.3/Git.pm > =C2=A0usr/lib/perl5/site_perl/5.12.3/Git/I18N.pm > -#usr/lib/perl5/site_perl/5.12.3/Git/IndexInfo.pm > +usr/lib/perl5/site_perl/5.12.3/Git/IndexInfo.pm > =C2=A0#usr/lib/perl5/site_perl/5.12.3/Git/SVN > =C2=A0#usr/lib/perl5/site_perl/5.12.3/Git/SVN.pm > =C2=A0#usr/lib/perl5/site_perl/5.12.3/Git/SVN/Editor.pm > @@ -24,8 +24,8 @@ usr/lib/perl5/site_perl/5.12.3/Git/I18N.pm > =C2=A0#usr/lib/perl5/site_perl/5.12.3/Git/SVN/Utils.pm > =C2=A0#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Git > =C2=A0#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Git/.= packlist > -usr/libexec/git-core > -usr/libexec/git-core/git > +#usr/libexec/git-core > +#usr/libexec/git-core/git > =C2=A0usr/libexec/git-core/git-add > =C2=A0usr/libexec/git-core/git-add--interactive > =C2=A0usr/libexec/git-core/git-am > @@ -172,6 +172,7 @@ usr/libexec/git-core/git-stash > =C2=A0usr/libexec/git-core/git-status > =C2=A0usr/libexec/git-core/git-stripspace > =C2=A0usr/libexec/git-core/git-submodule > +usr/libexec/git-core/git-submodule--helper > =C2=A0usr/libexec/git-core/git-svn > =C2=A0usr/libexec/git-core/git-symbolic-ref > =C2=A0usr/libexec/git-core/git-tag > @@ -188,8 +189,9 @@ usr/libexec/git-core/git-verify-pack > =C2=A0usr/libexec/git-core/git-verify-tag > =C2=A0usr/libexec/git-core/git-web--browse > =C2=A0usr/libexec/git-core/git-whatchanged > +usr/libexec/git-core/git-worktree > =C2=A0usr/libexec/git-core/git-write-tree > -usr/libexec/git-core/mergetools > +#usr/libexec/git-core/mergetools > =C2=A0usr/libexec/git-core/mergetools/araxis > =C2=A0usr/libexec/git-core/mergetools/bc > =C2=A0usr/libexec/git-core/mergetools/bc3 > @@ -212,12 +214,13 @@ usr/libexec/git-core/mergetools/tortoisemerge > =C2=A0usr/libexec/git-core/mergetools/vimdiff > =C2=A0usr/libexec/git-core/mergetools/vimdiff2 > =C2=A0usr/libexec/git-core/mergetools/vimdiff3 > +usr/libexec/git-core/mergetools/winmerge > =C2=A0usr/libexec/git-core/mergetools/xxdiff > -usr/share/git-core > -usr/share/git-core/templates > +#usr/share/git-core > +#usr/share/git-core/templates > =C2=A0usr/share/git-core/templates/branches > =C2=A0usr/share/git-core/templates/description > -usr/share/git-core/templates/hooks > +#usr/share/git-core/templates/hooks > =C2=A0usr/share/git-core/templates/hooks/applypatch-msg.sample > =C2=A0usr/share/git-core/templates/hooks/commit-msg.sample > =C2=A0usr/share/git-core/templates/hooks/post-update.sample > @@ -227,7 +230,7 @@ usr/share/git-core/templates/hooks/pre-push.sample > =C2=A0usr/share/git-core/templates/hooks/pre-rebase.sample > =C2=A0usr/share/git-core/templates/hooks/prepare-commit-msg.sample > =C2=A0usr/share/git-core/templates/hooks/update.sample > -usr/share/git-core/templates/info > +#usr/share/git-core/templates/info > =C2=A0usr/share/git-core/templates/info/exclude > =C2=A0#usr/share/git-gui > =C2=A0#usr/share/git-gui/lib > @@ -315,6 +318,7 @@ usr/share/git-core/templates/info/exclude > =C2=A0#usr/share/locale/fr/LC_MESSAGES/git.mo > =C2=A0#usr/share/locale/is/LC_MESSAGES/git.mo > =C2=A0#usr/share/locale/it/LC_MESSAGES/git.mo > +#usr/share/locale/ko/LC_MESSAGES/git.mo > =C2=A0#usr/share/locale/pt_PT/LC_MESSAGES/git.mo > =C2=A0#usr/share/locale/ru/LC_MESSAGES/git.mo > =C2=A0#usr/share/locale/sv/LC_MESSAGES/git.mo > diff --git a/lfs/git b/lfs/git > index bbec140..a3f6636 100644 > --- a/lfs/git > +++ b/lfs/git > @@ -24,7 +24,7 @@ > =C2=A0 > =C2=A0include Config > =C2=A0 > -VER=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D 2.4.4 > +VER=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D 2.7.1 > =C2=A0 > =C2=A0THISAPP=C2=A0=C2=A0=C2=A0=C2=A0=3D git-$(VER) > =C2=A0DL_FILE=C2=A0=C2=A0=C2=A0=C2=A0=3D $(THISAPP).tar.xz > @@ -34,7 +34,7 @@ TARGET=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D $(DIR_INFO)/$(THI= SAPP) > =C2=A0PROG=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D git > =C2=A0PAK_VER=C2=A0=C2=A0=C2=A0=C2=A0=3D 12 > =C2=A0 > -DEPS=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D "perl-Authen-SASL perl-M= IME-Base64 perl-Net-SMTP-SSL" > +DEPS=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D "perl" Why did you change this? There is no such add-on as "perl". The other ones however are requirements that must be installed. =C2=A0 > =C2=A0#####################################################################= ######## > ## > =C2=A0# Top-level Rules > @@ -44,7 +44,7 @@ objects =3D $(DL_FILE) > =C2=A0 > =C2=A0$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) > =C2=A0 > -$(DL_FILE)_MD5 =3D 847787cd0616d38b0e429ea85f558c31 > +$(DL_FILE)_MD5 =3D eece7b1e87983271621a0cb6aab37a25 > =C2=A0 > =C2=A0install : $(TARGET) > =C2=A0 > @@ -78,13 +78,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > =C2=A0 @$(PREBUILD) > =C2=A0 @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) > =C2=A0 cd $(DIR_APP) && ./configure \ > + --with-gitconfig=3D/etc/gitconfig \ Why is this necessary? > =C2=A0 --prefix=3D/usr \ > =C2=A0 --with-libpcre \ > =C2=A0 --with-curl \ > =C2=A0 --with-expat > - > =C2=A0 cd $(DIR_APP) && make $(MAKETUNING) > =C2=A0 cd $(DIR_APP) && make install > - > =C2=A0 @rm -rf $(DIR_APP) > =C2=A0 @$(POSTBUILD) No need to remove empty lines that just improve readability. Best, -Michael --===============6762541708400345295== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjIKCmlRSWNCQUFC Q2dBR0JRSlc4SVFUQUFvSkVJQjU4UDl2a0FrSEZsWVFBSmh2MUxTbVkzcmxkZzhYdjVSRmdpUWYK NWM4Nk9NM2svMXU2cE9GRWZzMnBzSTJFbXhEV0VVUG54WU9EU3JQaTRtUGl5b3hheHNwSmVwK2g1 Y2tvL2hoegpuM29nMzByNDhoM0d2V0Fkd2wvdjJkL3BWUXp0YWxWcldvUFNhTS82MGN1djAwbUxW eGFUVThiV1Nyb2lmOW9KCjRGckRZeTlveGpNQmUvSkVIMGFEUHR5ZXljRFFodlJ0clN0WERNSlRE andGaVhBSjhsbkRwem90NnRHdS8zQVEKRERHa2FDYkNBblhpQlAwTEpIcmlPc0o3U29hd2pZMmQx cVU3SU1nUGJUaThMSE1EUmgvYXhyV1dLOE9jZWxQRQowR3ZIbkhkNy9vSmxqV0JRSk9JVjMvdXBY NmNiOW1JSEdRQWZhd3dub01XT05OTUVZUGs1OGJZNXJibXJKZk1WCmUyUklFNTJxR21oR0tCdXVp NlRhbWJaNVJheUQ4RXpMbGlJd0hvTUVJTFp6Y0dLcm1EUEprajJyVlV0Z0tISFMKbXd6RldwNGdk TGM4em41L3JVSlZDNzcrK0Y3bkJSTGpzRUI3Rnh2VXM1NGRrT2tmeUxXUXF4d0Q1YlhuSmJsWgpN emNZQXk4SXd4U1BVY2lMVFM2dDRuVlF3OTZQR3FPWEw2ckJINjZjdU9PcHhjL2JpTWt6bUVtMVZx c1NGT0twCjcwblFISnpTcEVUOXZxZ3BtTURCRDdmTkFZMlJPaTVBdWhOdndtcjh1YllWdXZPc1Rr ckY4UjVHRXlNaW9DZUsKUWVoaGYyL2VKUHlWZEg5emRuYkgrV0lFVFBwNGZyTmlmL21EQ2RMVFBL MlE1ZkQxYlljNUVRY1lLdDc5TXBWNAp1dVJ4RFhiSTBJQUNtQkVBamZwawo9QTU2MAotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============6762541708400345295==--