diff options
| author | Vincent Ambo <Vincent Ambo> | 2020-01-11T23·36+0000 |
|---|---|---|
| committer | Vincent Ambo <Vincent Ambo> | 2020-01-11T23·36+0000 |
| commit | 1b593e1ea4d2af0f6444d9a7788d5d99abd6fde5 (patch) | |
| tree | e3accb9beed5c4c1b5a05c99db71ab2841f0ed04 /Documentation/RelNotes/2.13.6.txt | |
Squashed 'third_party/git/' content from commit cb71568594
git-subtree-dir: third_party/git git-subtree-split: cb715685942260375e1eb8153b0768a376e4ece7
Diffstat (limited to 'Documentation/RelNotes/2.13.6.txt')
| -rw-r--r-- | Documentation/RelNotes/2.13.6.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/Documentation/RelNotes/2.13.6.txt b/Documentation/RelNotes/2.13.6.txt new file mode 100644 index 0000000000..afcae9c808 --- /dev/null +++ b/Documentation/RelNotes/2.13.6.txt @@ -0,0 +1,17 @@ +Git v2.13.6 Release Notes +========================= + +Fixes since v2.13.5 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen <joernchen@phenoelit.de> for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + |