diff options
author | Vincent Ambo <mail@tazj.in> | 2021-09-21T10·03+0300 |
---|---|---|
committer | Vincent Ambo <mail@tazj.in> | 2021-09-21T11·29+0300 |
commit | 43b1791ec601732ac31195df96781a848360a9ac (patch) | |
tree | daae8d638343295d2f1f7da955e556ef4c958864 /third_party/git/Documentation/RelNotes/2.14.5.txt | |
parent | 2d8e7dc9d9c38127ec4ebd13aee8e8f586a43318 (diff) |
chore(3p/git): Unvendor git and track patches instead r/2903
This was vendored a long time ago under the expectation that keeping it in sync with cgit would be easier this way, but it has proven not to be a big issue. On the other hand, a vendored copy of git is an annoying maintenance burden. It is much easier to rebase the single (dottime) patch that we have. This removes the vendored copy of git and instead passes the git source code to cgit via `pkgs.srcOnly`, which includes the applied patch so that cgit can continue rendering dottime. Change-Id: If31f62dea7ce688fd1b9050204e9378019775f2b
Diffstat (limited to 'third_party/git/Documentation/RelNotes/2.14.5.txt')
-rw-r--r-- | third_party/git/Documentation/RelNotes/2.14.5.txt | 16 |
1 files changed, 0 insertions, 16 deletions
diff --git a/third_party/git/Documentation/RelNotes/2.14.5.txt b/third_party/git/Documentation/RelNotes/2.14.5.txt deleted file mode 100644 index 130645fb292a..000000000000 --- a/third_party/git/Documentation/RelNotes/2.14.5.txt +++ /dev/null @@ -1,16 +0,0 @@ -Git v2.14.5 Release Notes -========================= - -This release is to address the recently reported CVE-2018-17456. - -Fixes since v2.14.4 -------------------- - - * Submodules' "URL"s come from the untrusted .gitmodules file, but - we blindly gave it to "git clone" to clone submodules when "git - clone --recurse-submodules" was used to clone a project that has - such a submodule. The code has been hardened to reject such - malformed URLs (e.g. one that begins with a dash). - -Credit for finding and fixing this vulnerability goes to joernchen -and Jeff King, respectively. |