From 19c52228f7a9ab006794d8ef8599b54d910c6cd8 Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Tue, 12 Apr 2022 20:26:49 +0200 Subject: [PATCH] git: Update version from 2.30.2 to 2.30.3 Upgrade to 2.30.3 because of CVE-2022-24765: On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when there is a scratch space (`/scratch/`) intended for all users and another user created a repository in `/scratch/.git`. Merely having a Git-aware prompt that runs `git status` (or `git diff`) and navigating to a directory which is supposedly not a Git worktree, or opening such a directory in an editor or IDE such as VS Code or Atom, will potentially run commands defined by that other user via `/scratch/.git/config`. --- git.be0 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git.be0 b/git.be0 index 14ebd890e..8d0ae3a63 100755 --- a/git.be0 +++ b/git.be0 @@ -1,6 +1,6 @@ #!/usr/bin/env beesh -# BEE_VERSION git-2.30.2-0 +# BEE_VERSION git-2.30.3-0 SRCURL[0]="https://www.kernel.org/pub/software/scm/git/git-${PKGVERSION}.tar.xz"