Git - v2.30.3

Security

This release addresses the security issue CVE-2022-24765.

Fixes since v2.30.2

  • Build fix on Windows.

  • Fix GIT_CEILING_DIRECTORIES with Windows-style root directories.

  • CVE-2022-24765:
    On multi-user machines, Git users might find themselves
    unexpectedly in a Git worktree, e.g. when another user created a
    repository in C:\.git, in a mounted network drive or in a
    scratch space. Merely having a Git-aware prompt that runs git status (or git diff) and navigating to a directory which is
    supposedly not a Git worktree, or opening such a directory in an
    editor or IDE such as VS Code or Atom, will potentially run
    commands defined by that other user.

Credit for finding this vulnerability goes to δΏžζ™¨δΈœ; The fix was
authored by Johannes Schindelin.

Details

date
March 23, 2022, 11:22 p.m.
type
Patch
official page
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.30.3.txt
πŸ‘‡
Register or login to:
  • πŸ”View and search all Git releases.
  • πŸ› οΈCreate and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • πŸš€Much more coming soon!
Continue with GitHub
Continue with Google
or