diff options
| author | Junio C Hamano <gitster@pobox.com> | 2022-04-12 09:45:59 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2022-04-12 09:45:59 -0700 |
| commit | bc0ca6c391b654c5e7ccb6e405496919683de6c4 (patch) | |
| tree | 9659cea8d62337ae8e4735ae1513ca2fdd4877ee | |
| parent | fcbe4c3f35e12757fa03b7e8c9b392e427aa5ec1 (diff) | |
| download | git-htmldocs-bc0ca6c391b654c5e7ccb6e405496919683de6c4.tar.gz | |
Autogenerated HTML docs for v2.36.0-rc2
28 files changed, 111 insertions, 19 deletions
diff --git a/RelNotes/2.30.3.txt b/RelNotes/2.30.3.txt new file mode 100644 index 000000000..31b2a4daa --- /dev/null +++ b/RelNotes/2.30.3.txt @@ -0,0 +1,24 @@ +Git v2.30.2 Release Notes +========================= + +This release addresses the security issue CVE-2022-24765. + +Fixes since v2.30.2 +------------------- + + * Build fix on Windows. + + * Fix `GIT_CEILING_DIRECTORIES` with Windows-style root directories. + + * CVE-2022-24765: + On multi-user machines, Git users might find themselves + unexpectedly in a Git worktree, e.g. when another user created a + repository in `C:\.git`, in a mounted network drive or in a + scratch space. Merely having a Git-aware prompt that runs `git + status` (or `git diff`) and navigating to a directory which is + supposedly not a Git worktree, or opening such a directory in an + editor or IDE such as VS Code or Atom, will potentially run + commands defined by that other user. + +Credit for finding this vulnerability goes to 俞晨东; The fix was +authored by Johannes Schindelin. diff --git a/RelNotes/2.31.2.txt b/RelNotes/2.31.2.txt new file mode 100644 index 000000000..aa13a5b02 --- /dev/null +++ b/RelNotes/2.31.2.txt @@ -0,0 +1,6 @@ +Git v2.31.2 Release Notes +========================= + +This release merges up the fixes that appear in v2.30.3 to address +the security issue CVE-2022-24765; see the release notes for that +version for details. diff --git a/RelNotes/2.32.1.txt b/RelNotes/2.32.1.txt new file mode 100644 index 000000000..7dcca13b9 --- /dev/null +++ b/RelNotes/2.32.1.txt @@ -0,0 +1,6 @@ +Git v2.32.1 Release Notes +========================= + +This release merges up the fixes that appear in v2.30.3 and +v2.31.2 to address the security issue CVE-2022-24765; see the +release notes for these versions for details. diff --git a/RelNotes/2.33.2.txt b/RelNotes/2.33.2.txt new file mode 100644 index 000000000..e504489d6 --- /dev/null +++ b/RelNotes/2.33.2.txt @@ -0,0 +1,15 @@ +Git v2.33.2 Release Notes +========================= + +This release merges up the fixes that appear in v2.30.3, v2.31.2 +and v2.32.1 to address the security issue CVE-2022-24765; see +the release notes for these versions for details. + +In addition, it contains the following fixes: + + * Squelch over-eager warning message added during this cycle. + + * A bug in "git rebase -r" has been fixed. + + * One CI task based on Fedora image noticed a not-quite-kosher + construct recently, which has been corrected. diff --git a/RelNotes/2.34.2.txt b/RelNotes/2.34.2.txt new file mode 100644 index 000000000..0c32cd844 --- /dev/null +++ b/RelNotes/2.34.2.txt @@ -0,0 +1,6 @@ +Git v2.34.2 Release Notes +========================= + +This release merges up the fixes that appear in v2.30.3, v2.31.2, +v2.32.1 and v2.33.2 to address the security issue CVE-2022-24765; +see the release notes for these versions for details. diff --git a/RelNotes/2.35.2.txt b/RelNotes/2.35.2.txt new file mode 100644 index 000000000..290bfa9ea --- /dev/null +++ b/RelNotes/2.35.2.txt @@ -0,0 +1,7 @@ +Git v2.35.2 Release Notes +========================= + +This release merges up the fixes that appear in v2.30.3, +v2.31.2, v2.32.1, v2.33.2 and v2.34.2 to address the security +issue CVE-2022-24765; see the release notes for these versions +for details. diff --git a/RelNotes/2.36.0.txt b/RelNotes/2.36.0.txt index 8da5b2e1e..d61ade21e 100644 --- a/RelNotes/2.36.0.txt +++ b/RelNotes/2.36.0.txt @@ -397,6 +397,8 @@ Fixes since v2.35 entry it moved. (merge b7f9130a06 vd/mv-refresh-stat later to maint). + * Fix for CVE-2022-24765 has been merged up from 2.35.2 and others. + * Other code cleanup, docfix, build fix, etc. (merge cfc5cf428b jc/find-header later to maint). (merge 40e7cfdd46 jh/p4-fix-use-of-process-error-exception later to maint). diff --git a/SubmittingPatches.html b/SubmittingPatches.html index 27b492a4c..f64d564c8 100644 --- a/SubmittingPatches.html +++ b/SubmittingPatches.html @@ -1439,7 +1439,7 @@ this problem around.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:09 PDT
+ 2022-04-12 09:44:04 PDT
</div>
</div>
</body>
diff --git a/config.txt b/config.txt index 43f5e6fd6..e284b042f 100644 --- a/config.txt +++ b/config.txt @@ -495,6 +495,8 @@ include::config/repack.txt[] include::config/rerere.txt[] +include::config/safe.txt[] + include::config/sendemail.txt[] include::config/sequencer.txt[] diff --git a/git-config.html b/git-config.html index 36ab8b637..0fdac7053 100644 --- a/git-config.html +++ b/git-config.html @@ -9540,6 +9540,30 @@ rerere.enabled </p>
</dd>
<dt class="hdlist1">
+safe.directory
+</dt>
+<dd>
+<p>
+ These config entries specify Git-tracked directories that are
+ considered safe even if they are owned by someone other than the
+ current user. By default, Git will refuse to even parse a Git
+ config of a repository owned by someone else, let alone run its
+ hooks, and this config setting allows users to specify exceptions,
+ e.g. for intentionally shared repositories (see the <code>--shared</code>
+ option in <a href="git-init.html">git-init(1)</a>).
+</p>
+<div class="paragraph"><p>This is a multi-valued setting, i.e. you can add more than one directory
+via <code>git config --add</code>. To reset the list of safe directories (e.g. to
+override any such directories specified in the system config), add a
+<code>safe.directory</code> entry with an empty value.</p></div>
+<div class="paragraph"><p>This config setting is only respected when specified in a system or global
+config, not when it is specified in a repository config or via the command
+line option <code>-c safe.directory=<path></code>.</p></div>
+<div class="paragraph"><p>The value of this setting is interpolated, i.e. <code>~/<path></code> expands to a
+path relative to the home directory and <code>%(prefix)/<path></code> expands to a
+path relative to Git’s (runtime) prefix.</p></div>
+</dd>
+<dt class="hdlist1">
sendemail.identity
</dt>
<dd>
diff --git a/howto-index.html b/howto-index.html index fd2a237c0..967cb796d 100644 --- a/howto-index.html +++ b/howto-index.html @@ -894,7 +894,7 @@ later validate it.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:05 PDT
+ 2022-04-12 09:44:00 PDT
</div>
</div>
</body>
diff --git a/howto/coordinate-embargoed-releases.html b/howto/coordinate-embargoed-releases.html index 9b1bbe656..638fe9b66 100644 --- a/howto/coordinate-embargoed-releases.html +++ b/howto/coordinate-embargoed-releases.html @@ -873,7 +873,7 @@ Thanks, <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:08 PDT
+ 2022-04-12 09:44:03 PDT
</div>
</div>
</body>
diff --git a/howto/keep-canonical-history-correct.html b/howto/keep-canonical-history-correct.html index acd2ada0f..d149bf661 100644 --- a/howto/keep-canonical-history-correct.html +++ b/howto/keep-canonical-history-correct.html @@ -938,7 +938,7 @@ tip of your <em>master</em> again and redo the two merges:</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:08 PDT
+ 2022-04-12 09:44:03 PDT
</div>
</div>
</body>
diff --git a/howto/maintain-git.html b/howto/maintain-git.html index 7d8bc17e8..94a69e6fa 100644 --- a/howto/maintain-git.html +++ b/howto/maintain-git.html @@ -1469,7 +1469,7 @@ $ git update-ref -d $mf/ai/topic</code></pre> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:08 PDT
+ 2022-04-12 09:44:03 PDT
</div>
</div>
</body>
diff --git a/howto/new-command.html b/howto/new-command.html index 4647780c9..77a4f4ec0 100644 --- a/howto/new-command.html +++ b/howto/new-command.html @@ -863,7 +863,7 @@ letter [PATCH 0/n]. <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:06 PDT
+ 2022-04-12 09:44:01 PDT
</div>
</div>
</body>
diff --git a/howto/rebase-from-internal-branch.html b/howto/rebase-from-internal-branch.html index 77f8daece..72efc2c92 100644 --- a/howto/rebase-from-internal-branch.html +++ b/howto/rebase-from-internal-branch.html @@ -895,7 +895,7 @@ the #1' commit.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:08 PDT
+ 2022-04-12 09:44:03 PDT
</div>
</div>
</body>
diff --git a/howto/rebuild-from-update-hook.html b/howto/rebuild-from-update-hook.html index 79f12b5ff..fef9ab961 100644 --- a/howto/rebuild-from-update-hook.html +++ b/howto/rebuild-from-update-hook.html @@ -847,7 +847,7 @@ This is still crude and does not protect against simultaneous <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:08 PDT
+ 2022-04-12 09:44:03 PDT
</div>
</div>
</body>
diff --git a/howto/recover-corrupted-blob-object.html b/howto/recover-corrupted-blob-object.html index 6f392d747..d25ad0849 100644 --- a/howto/recover-corrupted-blob-object.html +++ b/howto/recover-corrupted-blob-object.html @@ -880,7 +880,7 @@ thing.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:08 PDT
+ 2022-04-12 09:44:02 PDT
</div>
</div>
</body>
diff --git a/howto/recover-corrupted-object-harder.html b/howto/recover-corrupted-object-harder.html index fc069e3f0..06e107d8f 100644 --- a/howto/recover-corrupted-object-harder.html +++ b/howto/recover-corrupted-object-harder.html @@ -1189,7 +1189,7 @@ int main(int argc, char **argv) <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:08 PDT
+ 2022-04-12 09:44:03 PDT
</div>
</div>
</body>
diff --git a/howto/revert-a-faulty-merge.html b/howto/revert-a-faulty-merge.html index 0f3129eea..76ffbb15c 100644 --- a/howto/revert-a-faulty-merge.html +++ b/howto/revert-a-faulty-merge.html @@ -1025,7 +1025,7 @@ P---o---o---M---x---x---W---x---M2 <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:07 PDT
+ 2022-04-12 09:44:02 PDT
</div>
</div>
</body>
diff --git a/howto/revert-branch-rebase.html b/howto/revert-branch-rebase.html index 215510616..03d2c8634 100644 --- a/howto/revert-branch-rebase.html +++ b/howto/revert-branch-rebase.html @@ -907,7 +907,7 @@ Committed merge 7fb9b7262a1d1e0a47bbfdcbbcf50ce0635d3f8f <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:06 PDT
+ 2022-04-12 09:44:01 PDT
</div>
</div>
</body>
diff --git a/howto/separating-topic-branches.html b/howto/separating-topic-branches.html index 791e99efe..31255b2df 100644 --- a/howto/separating-topic-branches.html +++ b/howto/separating-topic-branches.html @@ -841,7 +841,7 @@ o---o"master"</code></pre> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:07 PDT
+ 2022-04-12 09:44:02 PDT
</div>
</div>
</body>
diff --git a/howto/setup-git-server-over-http.html b/howto/setup-git-server-over-http.html index 5d471fb08..e8386da2e 100644 --- a/howto/setup-git-server-over-http.html +++ b/howto/setup-git-server-over-http.html @@ -1071,7 +1071,7 @@ help diagnosing the problem, but removes security checks.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:07 PDT
+ 2022-04-12 09:44:02 PDT
</div>
</div>
</body>
diff --git a/howto/update-hook-example.html b/howto/update-hook-example.html index 7ca011217..e96bfa2f8 100644 --- a/howto/update-hook-example.html +++ b/howto/update-hook-example.html @@ -930,7 +930,7 @@ that JC can make non-fast-forward pushes on it.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:07 PDT
+ 2022-04-12 09:44:02 PDT
</div>
</div>
</body>
diff --git a/howto/use-git-daemon.html b/howto/use-git-daemon.html index b01be6f3a..55b0d3d34 100644 --- a/howto/use-git-daemon.html +++ b/howto/use-git-daemon.html @@ -791,7 +791,7 @@ a good practice to put the paths after a "--" separator.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:07 PDT
+ 2022-04-12 09:44:02 PDT
</div>
</div>
</body>
diff --git a/howto/using-merge-subtree.html b/howto/using-merge-subtree.html index b7e9d77a6..0b76186e2 100644 --- a/howto/using-merge-subtree.html +++ b/howto/using-merge-subtree.html @@ -848,7 +848,7 @@ Please note that if the other project merges from you, then it will <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:07 PDT
+ 2022-04-12 09:44:01 PDT
</div>
</div>
</body>
diff --git a/howto/using-signed-tag-in-pull-request.html b/howto/using-signed-tag-in-pull-request.html index d41b6e562..e2ae482cc 100644 --- a/howto/using-signed-tag-in-pull-request.html +++ b/howto/using-signed-tag-in-pull-request.html @@ -952,7 +952,7 @@ as part of the merge commit.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:07 PDT
+ 2022-04-12 09:44:01 PDT
</div>
</div>
</body>
diff --git a/technical/api-index.html b/technical/api-index.html index e8114a711..021c4c25c 100644 --- a/technical/api-index.html +++ b/technical/api-index.html @@ -775,7 +775,7 @@ documents them.</p></div> <div id="footer">
<div id="footer-text">
Last updated
- 2022-04-08 14:16:12 PDT
+ 2022-04-12 09:44:07 PDT
</div>
</div>
</body>
|