Skip to content

Releases: git-for-windows/git

Git for Windows v2.45.2.windows.1

03 Jun 09:13
v2.45.2.windows.1
Compare
Choose a tag to compare

Changes since Git for Windows v2.45.1 (May 14th 2024)

Git for Windows for Windows v2.45 is the last version to support for Windows 7 and for Windows 8, see MSYS2's corresponding deprecation announcement (Git for Windows relies on MSYS2 for components such as Bash and Perl).

Please also note that the 32-bit variant of Git for Windows is deprecated; Its last official release is planned for 2025.

New Features

Bug Fixes

Filename SHA-256
Git-2.45.2-64-bit.exe ce022a6a19e58bbbd4823f51cf798b006b4a683b93b0616a7bb5beeee901da98
Git-2.45.2-32-bit.exe b8e6db9004c602d9dc375196244484399eb3e33ad71ba3c71455dde4487b4ce6
PortableGit-2.45.2-64-bit.7z.exe 851a15074dea6b272785b2a2a4697a72970256de2afe7b8e4a9c5e168c27ccdd
PortableGit-2.45.2-32-bit.7z.exe cfea9e414567d0c59c75ccc5a0e58feeef4dcfc0ea8bfd76efb5e4e22813f5d0
MinGit-2.45.2-64-bit.zip 7ed2a3ce5bbbf8eea976488de5416894ca3e6a0347cee195a7d768ac146d5290
MinGit-2.45.2-32-bit.zip 0c0251d02c322d208fb59ba81e7d72db621cd53a3f93b105677dab4dc565199e
MinGit-2.45.2-busybox-64-bit.zip e841b7aefa8d166fb9dd91afcfb42f163ae6f8d9bd9061da9856084af214a011
MinGit-2.45.2-busybox-32-bit.zip 9e8ede5629d928f943909f0f3225b27716bdaa95018a3c6cf6276fbc99ee19da
Git-2.45.2-64-bit.tar.bz2 ef73e007a44a15e8c21fed165faea8707a28703c21c326ac609d706225ba1662
Git-2.45.2-32-bit.tar.bz2 451e476b925842546fe47429efcfa91185727da2c2477413556e7827daeab847

Git for Windows v2.45.1

14 May 17:10
v2.45.1.windows.1
Compare
Choose a tag to compare

Changes since Git for Windows v2.45.0 (April 29th 2024)

Git for Windows for Windows v2.45 is the last version to support for Windows 7 and for Windows 8, see MSYS2's corresponding deprecation announcement (Git for Windows relies on MSYS2 for components such as Bash and Perl).

Please also note that the 32-bit variant of Git for Windows is deprecated; Its last official release is planned for 2025.

New Features

Bug Fixes

  • CVE-2024-32002: Recursive clones on case-insensitive filesystems that support
    symbolic links are susceptible to case confusion that can be exploited to
    execute just-cloned code during the clone operation.
  • CVE-2024-32004: Repositories can be configured to execute arbitrary code
    during local clones. To address this, the ownership checks introduced in
    v2.30.3 are now extended to cover cloning local repositories.
  • CVE-2024-32020: Local clones may end up hardlinking files into the target
    repository's object database when source and target repository reside on the
    same disk. If the source repository is owned by a different user, then those
    hardlinked files may be rewritten at any point in time by the untrusted user.
  • CVE-2024-32021: When cloning a local source repository that contains symlinks
    via the filesystem, Git may create hardlinks to arbitrary user-readable files
    on the same filesystem as the target repository in the objects/ directory.
  • CVE-2024-32465: It is supposed to be safe to clone untrusted repositories,
    even those unpacked from zip archives or tarballs originating from untrusted
    sources, but Git can be tricked to run arbitrary code as part of the clone.
  • Defense-in-depth: submodule: require the submodule path to contain
    directories only.
  • Defense-in-depth: clone: when symbolic links collide with directories, keep
    the latter.
  • Defense-in-depth: clone: prevent hooks from running during a clone.
  • Defense-in-depth: core.hooksPath: add some protection while cloning.
  • Defense-in-depth: fsck: warn about symlink pointing inside a gitdir.
  • Various fix-ups on HTTP tests.
  • HTTP Header redaction code has been adjusted for a newer version of cURL
    library that shows its traces differently from earlier versions.
  • Fix was added to work around a regression in libcURL 8.7.0 (which has already
    been fixed in their tip of the tree).
  • Replace macos-12 used at GitHub CI with macos-13.
  • ci(linux-asan/linux-ubsan): let's save some time
  • Tests with LSan from time to time seem to emit harmless message that makes
    our tests unnecessarily flakey; we work it around by filtering the
    uninteresting output.
  • Update GitHub Actions jobs to avoid warnings against using deprecated version
    of Node.js.
Filename SHA-256
Git-2.45.1-64-bit.exe 1b2b58fb516495feb70353aa91da230be0a2b4aa01acc3bc047ee1fe4846bc4e
Git-2.45.1-32-bit.exe f46c2f013b6767fc5da15783643d7243f037cbdf6e0b2779ad157ab0741318ca
PortableGit-2.45.1-64-bit.7z.exe f4be1f923e9cc1ee0cb09e99f0e90cf254b530bb622d12064361563307e2f505
PortableGit-2.45.1-32-bit.7z.exe 43d0f03af3d5a12a60cab82a02f386896ed2d61af93496fa8110f2dac83ebee1
MinGit-2.45.1-64-bit.zip f7ba0e2acdc603cf8893b446f6871c869b7644b88a1116b00d6b30fb30f18c74
MinGit-2.45.1-32-bit.zip 9c1089f13f5873190ac9473375126ba697df6773188f01ca2d6a0cf920c44287
MinGit-2.45.1-busybox-64-bit.zip b9151e9ff31d4cbf0b45c5dad1d45e115c3942bdf3822cf0729efe54d42d909f
MinGit-2.45.1-busybox-32-bit.zip 44c61ff4706c8db83009670bd6a67036f6ea5e0dc3c901bc1d37d7649879ece4
Git-2.45.1-64-bit.tar.bz2 3314914e47c080e80ddcbc543e374890bdfe4d60e9cd7d0faa996d3d0a174a05
Git-2.45.1-32-bit.tar.bz2 e5d04b0228fda44f50f9d52730b72c2ad5773faebe12b54b009e3952f5b19f2b

Git for Windows v2.45.0.windows.1

29 Apr 20:36
v2.45.0.windows.1
Compare
Choose a tag to compare

Changes since Git for Windows v2.44.0 (February 23rd 2024)

Git for Windows for Windows v2.45 is the last version to support for Windows 7 and for Windows 8, see MSYS2's corresponding deprecation announcement (Git for Windows relies on MSYS2 for components such as Bash and Perl).

Please also note that the 32-bit variant of Git for Windows is deprecated; Its last official release is planned for 2025.

New Features

Bug Fixes

Filename SHA-256
Git-2.45.0-64-bit.exe 7694a2118ac80146636be1ee751ee81d2aea7e9106d29dd8fed06c32cff0c59f
Git-2.45.0-32-bit.exe cc880827837e773835a51a32099cc919d37d10ce090734c183dc6713681dc382
PortableGit-2.45.0-64-bit.7z.exe e9caf1cab7d2c1dc531a07c48445d84a8b27fae129ca7244e0d4f7b1e4949f60
PortableGit-2.45.0-32-bit.7z.exe 652b5d6cb381ee9df6d6d411d8e6c02284d3b84ac6c5b5ced50a1d167d9f825a
MinGit-2.45.0-64-bit.zip f607bbd459bae73369e6509fe849c4c48152f4d33b0021d5881e1e9e7ae79e26
MinGit-2.45.0-32-bit.zip a9a76b14f3d80be346e93e053d65a0ea6d45cfba310076ac033b7f24a09e700f
MinGit-2.45.0-busybox-64-bit.zip fccc3749e5412330c191da686a9d4bd817ca0844725c9ab80a73c5918af9b232
MinGit-2.45.0-busybox-32-bit.zip 1c89a0a7d7d9c8d17e6cd861893e8a6b864b436fe8241532c53748c1308890fd
Git-2.45.0-64-bit.tar.bz2 6d1bbeaa92eb351e483c8be98bb0232ba4eedca938172761bc4efd9902e0a40b
Git-2.45.0-32-bit.tar.bz2 1316509c7c6e6b09d1cebe7e1ed9fc463a79455e8f5379cb840ef3e8dcc5634e

Git for Windows v2.45.0-rc1.windows.1

24 Apr 19:50
v2.45.0-rc1.windows.1
Compare
Choose a tag to compare
Pre-release

Changes since Git for Windows v2.44.0 (February 23rd 2024)

New Features

Bug Fixes

Filename SHA-256
Git-2.45.0-rc1-64-bit.exe f009e47d00a22d3052c37f3abd2d94870f54b03990f6070b4ff68f255f802f4a
Git-2.45.0-rc1-32-bit.exe 6963e04a881cce9b6246911c01da222197dfb3fab8db63806623fd38d5673570
PortableGit-2.45.0-rc1-64-bit.7z.exe 39ee6f9609a0955026fb347bb44a38eaf419be5d3ff9b1681711f1dfd3b778e6
PortableGit-2.45.0-rc1-32-bit.7z.exe 945c60406fd4176905bc524c600acd21c35f5d41cb32c88101d6cd6178364433
MinGit-2.45.0-rc1-64-bit.zip c2bbdb51194584932cfbca7a8720d7bb5c91cc952a66212a362df93740d37918
MinGit-2.45.0-rc1-32-bit.zip 61ca022034ba7745912f423d672aad61620dcefb3ac024d04bd12608e1197b1c
MinGit-2.45.0-rc1-busybox-64-bit.zip 031c18270e340dcd66c72391142d4069d4b2319c3a82c3cb47167ac9df82ebe8
MinGit-2.45.0-rc1-busybox-32-bit.zip 7bbcf8077c410ab658f3dc28bd422227e4cf85b5d49db39698282b2f2769c10b
Git-2.45.0-rc1-64-bit.tar.bz2 4eeb340066cf392c434df5d09cfeccc76024f158b2ae3de64798155c6d4b0b3f
Git-2.45.0-rc1-32-bit.tar.bz2 710ec0ae24d47602b93ebb75cc7a87ba8486c967e4ce2cbaa124473c3d5d5225

Git for Windows v2.44.1

14 May 17:25
v2.44.1.windows.1
Compare
Choose a tag to compare

Changes since Git for Windows v2.44.0 (February 23rd 2024)

New Features

Bug Fixes

  • CVE-2024-32002: Recursive clones on case-insensitive filesystems that support
    symbolic links are susceptible to case confusion that can be exploited to
    execute just-cloned code during the clone operation.
  • CVE-2024-32004: Repositories can be configured to execute arbitrary code
    during local clones. To address this, the ownership checks introduced in
    v2.30.3 are now extended to cover cloning local repositories.
  • CVE-2024-32020: Local clones may end up hardlinking files into the target
    repository's object database when source and target repository reside on the
    same disk. If the source repository is owned by a different user, then those
    hardlinked files may be rewritten at any point in time by the untrusted user.
  • CVE-2024-32021: When cloning a local source repository that contains symlinks
    via the filesystem, Git may create hardlinks to arbitrary user-readable files
    on the same filesystem as the target repository in the objects/ directory.
  • CVE-2024-32465: It is supposed to be safe to clone untrusted repositories,
    even those unpacked from zip archives or tarballs originating from untrusted
    sources, but Git can be tricked to run arbitrary code as part of the clone.
  • Defense-in-depth: submodule: require the submodule path to contain
    directories only.
  • Defense-in-depth: clone: when symbolic links collide with directories, keep
    the latter.
  • Defense-in-depth: clone: prevent hooks from running during a clone.
  • Defense-in-depth: core.hooksPath: add some protection while cloning.
  • Defense-in-depth: fsck: warn about symlink pointing inside a gitdir.
  • Various fix-ups on HTTP tests.
  • HTTP Header redaction code has been adjusted for a newer version of cURL
    library that shows its traces differently from earlier versions.
  • Fix was added to work around a regression in libcURL 8.7.0 (which has already
    been fixed in their tip of the tree).
  • Replace macos-12 used at GitHub CI with macos-13.
  • ci(linux-asan/linux-ubsan): let's save some time
  • Tests with LSan from time to time seem to emit harmless message that makes
    our tests unnecessarily flakey; we work it around by filtering the
    uninteresting output.
  • Update GitHub Actions jobs to avoid warnings against using deprecated version
    of Node.js.
Filename SHA-256
Git-2.44.1-64-bit.exe da022749f6952f3fad684efd0687cd7150156e9b1d5aaa114f8769535e360a0f
Git-2.44.1-32-bit.exe ceb5c95889c997a0b31a864ccb74ad3264276b4f0b6fdb48d6ecb4efcc2950bc
PortableGit-2.44.1-64-bit.7z.exe 1300ebcd98e91df53f4a0af9bfd955450f7a362aa1e8f6126eb2aa437bf7e497
PortableGit-2.44.1-32-bit.7z.exe 31e3697ec151067f3bdf5665b25230ae5cc77f9e56fd3e3f7889729c3ef3b405
MinGit-2.44.1-64-bit.zip 9f8ce390ff9b9e540c6be26cd9578904fe3bbd7f7581f2376f452ba858bb36db
MinGit-2.44.1-32-bit.zip ed1019bc0d3da92dc2fe694603f80ff8c4d582d378126589db04651e5c49a763
MinGit-2.44.1-busybox-64-bit.zip 2a56b030114faeffb3096ea371ffb5c518a13d2938165704a64c6f957df51554
MinGit-2.44.1-busybox-32-bit.zip b0726058ef8c763c9439083bccb387d9fe495bbbf8e0b9269676d97abed1718c
Git-2.44.1-64-bit.tar.bz2 4da7c9b80ef6e43415544ef4f10fc892c27ba3fd81a22a5735a7c903d0c3e893
Git-2.44.1-32-bit.tar.bz2 b4e2afa28b76c9e79c8c3b63c2eb9cb3b2a0a9484c9b0629526c32f1249efbcf

v2.43.4.windows.1: MinGit for Windows v2.43.4

14 May 17:14
v2.43.4.windows.1
Compare
Choose a tag to compare
Changes since Git for Windows v2.43.0 (November 20th 2023):

New Features

  * Comes with Git v2.43.4.

Bug Fixes

  * CVE-2024-32002: Recursive clones on case-insensitive filesystems
    that support symbolic links are susceptible to case confusion that
    can be exploited to execute just-cloned code during the clone
    operation.
  * CVE-2024-32004: Repositories can be configured to execute arbitrary
    code during local clones. To address this, the ownership checks
    introduced in v2.30.3 are now extended to cover cloning local
    repositories.
  * CVE-2024-32020: Local clones may end up hardlinking files into the
    target repository's object database when source and target
    repository reside on the same disk. If the source repository is
    owned by a different user, then those hardlinked files may be
    rewritten at any point in time by the untrusted user.
  * CVE-2024-32021: When cloning a local source repository that
    contains symlinks via the filesystem, Git may create hardlinks to
    arbitrary user-readable files on the same filesystem as the target
    repository in the objects/ directory.
  * CVE-2024-32465: It is supposed to be safe to clone untrusted
    repositories, even those unpacked from zip archives or tarballs
    originating from untrusted sources, but Git can be tricked to run
    arbitrary code as part of the clone.
  * Defense-in-depth: submodule: require the submodule path to contain
    directories only.
  * Defense-in-depth: clone: when symbolic links collide with
    directories, keep the latter.
  * Defense-in-depth: clone: prevent hooks from running during a clone.
  * Defense-in-depth: core.hooksPath: add some protection while
    cloning.
  * Defense-in-depth: fsck: warn about symlink pointing inside a
    gitdir.
  * Various fix-ups on HTTP tests.
  * HTTP Header redaction code has been adjusted for a newer version of
    cURL library that shows its traces differently from earlier
    versions.
  * Fix was added to work around a regression in libcURL 8.7.0 (which
    has already been fixed in their tip of the tree).
  * Replace macos-12 used at GitHub CI with macos-13.
  * ci(linux-asan/linux-ubsan): let's save some time
  * Tests with LSan from time to time seem to emit harmless message
    that makes our tests unnecessarily flakey; we work it around by
    filtering the uninteresting output.
  * Update GitHub Actions jobs to avoid warnings against using
    deprecated version of Node.js.

v2.39.4.windows.1: MinGit for Windows v2.39.4

14 May 17:32
v2.39.4.windows.1
Compare
Choose a tag to compare
Changes since MinGit for Windows v2.39.3 (April 18th 2023):

Bug Fixes

  * CVE-2024-32002: Recursive clones on case-insensitive filesystems
    that support symbolic links are susceptible to case confusion that
    can be exploited to execute just-cloned code during the clone
    operation.
  * CVE-2024-32004: Repositories can be configured to execute arbitrary
    code during local clones. To address this, the ownership checks
    introduced in v2.30.3 are now extended to cover cloning local
    repositories.
  * CVE-2024-32020: Local clones may end up hardlinking files into the
    target repository's object database when source and target
    repository reside on the same disk. If the source repository is
    owned by a different user, then those hardlinked files may be
    rewritten at any point in time by the untrusted user.
  * CVE-2024-32021: When cloning a local source repository that
    contains symlinks via the filesystem, Git may create hardlinks to
    arbitrary user-readable files on the same filesystem as the target
    repository in the objects/ directory.
  * CVE-2024-32465: It is supposed to be safe to clone untrusted
    repositories, even those unpacked from zip archives or tarballs
    originating from untrusted sources, but Git can be tricked to run
    arbitrary code as part of the clone.
  * Defense-in-depth: submodule: require the submodule path to contain
    directories only.
  * Defense-in-depth: clone: when symbolic links collide with
    directories, keep the latter.
  * Defense-in-depth: clone: prevent hooks from running during a clone.
  * Defense-in-depth: core.hooksPath: add some protection while
    cloning.
  * Defense-in-depth: fsck: warn about symlink pointing inside a
    gitdir.
  * Various fix-ups on HTTP tests.
  * HTTP Header redaction code has been adjusted for a newer version of
    cURL library that shows its traces differently from earlier
    versions.
  * Fix was added to work around a regression in libcURL 8.7.0 (which
    has already been fixed in their tip of the tree).
  * Replace macos-12 used at GitHub CI with macos-13.
  * ci(linux-asan/linux-ubsan): let's save some time
  * Tests with LSan from time to time seem to emit harmless message
    that makes our tests unnecessarily flakey; we work it around by
    filtering the uninteresting output.
  * Update GitHub Actions jobs to avoid warnings against using
    deprecated version of Node.js.

Git for Windows v2.45.0-rc0.windows.1

19 Apr 21:55
v2.45.0-rc0.windows.1
Compare
Choose a tag to compare
Pre-release

Changes since Git for Windows v2.44.0 (February 23rd 2024)

New Features

Bug Fixes

Filename SHA-256
Git-2.45.0-rc0-64-bit.exe 63f07d6fc53b0ac836f0667e891378ba7a00c56c5bd2989309ed55c55fb22b74
Git-2.45.0-rc0-32-bit.exe 806b4b4ad5ca8bf3c02ac332d3a808bd8b827e9d503489d39378abb5a99133e5
PortableGit-2.45.0-rc0-64-bit.7z.exe 17f8be3a2223868f8da1ef0701ed1e1189859e1a9f0354d9d1f1046dd1ea472b
PortableGit-2.45.0-rc0-32-bit.7z.exe d98df3750a3265134b909d59310e87d4591d04ba8586c67953b1ca09b75a011e
MinGit-2.45.0-rc0-64-bit.zip 05635a6945d160e8cb3ecc33643925184c2732db88c3382a831af07bd1b41248
MinGit-2.45.0-rc0-32-bit.zip 590de1226b0e5853ace6c7eb0a7eb75dd4cb70fcc7b91799bcf7cfed0ca3c587
MinGit-2.45.0-rc0-busybox-64-bit.zip c978df1eb415822d0ce890191f35dc915d550ca5d8989f82fda831242ec5b784
MinGit-2.45.0-rc0-busybox-32-bit.zip 7cb98a1a2fb819dafbde296a805ee87e44a5c2e86bcea43e66982dd3b958b646
Git-2.45.0-rc0-64-bit.tar.bz2 3083bef250da158f5ae1a7e8077b2da57662760d5d5c773ce899362a7442a148
Git-2.45.0-rc0-32-bit.tar.bz2 d40fa3708b133c9b4782ff35178cf8a57fad9353b4d7472b3bee8c460e3b42f9

Git for Windows v2.44.0.windows.1

23 Feb 20:57
v2.44.0.windows.1
Compare
Choose a tag to compare

Changes since Git for Windows v2.43.0 (November 20th 2023)

Git for Windows for Windows v2.44 is the last version to support for Windows 7 and for Windows 8, see MSYS2's corresponding deprecation announcement (Git for Windows relies on MSYS2 for components such as Bash and Perl).

Please also note that the 32-bit variant of Git for Windows is deprecated; Its last official release is planned for 2025.

New Features

Bug Fixes

Filename SHA-256
Git-2.44.0-64-bit.exe 914ffc96cee0631d09049b9d87d4cd8ac9c98ead9a9f9a094d3341348324a9ec
Git-2.44.0-32-bit.exe 5ba23d73e861d872416175ac6a05304875d6ec420c08d0217329580ca1ea0fff
PortableGit-2.44.0-64-bit.7z.exe 1fc64ca91b9b475ab0ada72c9f7b3addbe69a6c8f520be31425cf21841cca369
PortableGit-2.44.0-32-bit.7z.exe e70c80672069907961f6db68b0db5e14ea0447f39c74cfd3c385882f3b934c6f
MinGit-2.44.0-64-bit.zip ed4e74e171c59c9c9d418743c7109aa595e0cc0d1c80cac574d69ed5e571ae59
MinGit-2.44.0-32-bit.zip 3c946898cd78c5106b1672dd80051953bdb245fb46352a70606f271d8b0233c7
MinGit-2.44.0-busybox-64-bit.zip a2377f6e4214f16afa1a5a23d9a291d09a2234bcac67c5aeb36d9cce4b7b4d5b
MinGit-2.44.0-busybox-32-bit.zip 83dd7903f8a4b2a035eda510d6d1394acc9ff36ce45b9e55efd7dd48c83471a4
Git-2.44.0-64-bit.tar.bz2 d78c40d768eb7af7e14d5cd47dac89a2e50786c89a67be6249e1a041ae5eb20d
Git-2.44.0-32-bit.tar.bz2 14541119fe97b4d34126ee136cbdba8da171b8cbd42543185a259128a3eed6b3

Git for Windows v2.44.0-rc2.windows.1

20 Feb 19:05
v2.44.0-rc2.windows.1
Compare
Choose a tag to compare
Pre-release

Changes since Git for Windows v2.43.0 (November 20th 2023)

Git for Windows for Windows v2.44 is the last version to support for Windows 7 and for Windows 8, see MSYS2's corresponding deprecation announcement (Git for Windows relies on MSYS2 for components such as Bash and Perl).

Please also note that the 32-bit variant of Git for Windows is deprecated; Its last official release is planned for 2025.

New Features

Bug Fixes

Filename SHA-256
Git-2.44.0-rc2-64-bit.exe d188ba8cb0d36fda22fa12759de00c9e23cc45f57521f05184d3cf8c36a6fec3
Git-2.44.0-rc2-32-bit.exe 12149c903330ccae8298a6890d3eed49939393c3a806775ef0ddb27674315556
PortableGit-2.44.0-rc2-64-bit.7z.exe 4b753124cec6aa6635001c48716b249cc43a37db10aec3f0cccfc68d6d20ac7c
PortableGit-2.44.0-rc2-32-bit.7z.exe b8cfa7ae7549a3c12a4e19fb9598e16161858075bba3df4110f0585e2476bb5a
MinGit-2.44.0-rc2-64-bit.zip 6db61b0855f4dd67770a221debea944c7a69cb8fa37acb5b1c85c10ea914464e
MinGit-2.44.0-rc2-32-bit.zip e92da5248e2165c1a25fcfce0469754cee218e8954bfe7711890d06803be1659
MinGit-2.44.0-rc2-busybox-64-bit.zip 117839c34a0dba2323d46bf1c66172b4452c9323ab8f917266ef088aec1dc118
MinGit-2.44.0-rc2-busybox-32-bit.zip d9820cccb91d80f46914c047f65424599cb29e87ff7a015e9fcd82b84e7b9abd
Git-2.44.0-rc2-64-bit.tar.bz2 e6346c6ca380035642334d81480f24e74dfaed56f3b8d8313df6989c7b7cad11
Git-2.44.0-rc2-32-bit.tar.bz2 d94aee3941b289f6b1ebf20cca84165628603cce71a067c44338b20e380deaa3