Skip to content
This repository has been archived by the owner on May 16, 2020. It is now read-only.

Backported Security Fixes #14

Closed
davecarlson opened this issue Dec 11, 2019 · 2 comments
Closed

Backported Security Fixes #14

davecarlson opened this issue Dec 11, 2019 · 2 comments

Comments

@davecarlson
Copy link

There hasn't been an update to this package for over one year.

Given this happened today : https://github.blog/2019-12-10-multiple-git-vulnerabilities-in-2-24-and-older/

Can we expect these fixes to be backported ?
@carlwgeorge
Copy link
Member

This package hasn't been updated in a while because we decided to keep it on the 2.16.x series (more details here). That series hadn't seen an update in over a year, until it did recently for these new vulnerabilities. Thanks for bringing the recent releases to my attention.

To clarify the intent of this package, I've renamed it to git216. I've updated git216 and git222 to their latest respective versions to address the vulnerabilities. Those updates can be found in the ius-testing repositories. I'll promote those to the main repositories next week, or sooner if anyone tests them and reports back that they work as expected.

@carlwgeorge
Copy link
Member

I'll promote those to the main repositories next week

Done.

@carlwgeorge carlwgeorge mentioned this issue Apr 16, 2020
Closed
@carlwgeorge carlwgeorge mentioned this issue May 20, 2020
Closed
@carlwgeorge carlwgeorge mentioned this issue Oct 14, 2020
Closed
@richardlau richardlau mentioned this issue Mar 23, 2021
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@davecarlson @carlwgeorge