Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Github pipelines using git with fix for CVE-2022-24765 broken due to insecure directory. #19621

Closed
demerphq opened this issue Apr 13, 2022 · 0 comments
Closed

Github pipelines using git with fix for CVE-2022-24765 broken due to insecure directory. #19621

demerphq opened this issue Apr 13, 2022 · 0 comments
Assignees
@demerphq

Comments

@demerphq
Copy link
Collaborator

Description
Our CI jobs were failing with the following error:

        Run git remote set-url origin "***[github.com/$GITHUB_REPOSITORY](http://github.com/$GITHUB_REPOSITORY)"
        fatal: unsafe repository ('/__w/perl5/perl5' is owned by someone else)
        To add an exception for this directory, call:
    
        git config --global --add safe.directory /__w/perl5/perl5
        Process completed with exit code 128.

As far as I understand it this is due to the fix for CVE-2022-24765.

I have already pushed a fix. This is retrospective issue for the records.

Steps to Reproduce
Use a modern git on a directory that is shared.

Reproducing this on github might be hard, I have already pushed a fix in: #19618

Specifically: 4303fd2

Expected behavior
CI not to die due to insecure directories.

Perl configuration
N/A.
@demerphq demerphq self-assigned this Apr 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@demerphq demerphq

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@demerphq