about summary refs log tree commit diff
path: root/third_party/git/Documentation/RelNotes/2.20.2.txt
diff options
context:
space:
mode:
authorVincent Ambo <tazjin@google.com>2020-05-25T23·06+0100
committerVincent Ambo <tazjin@google.com>2020-05-25T23·06+0100
commit93ba78d6f4632ef1c5228965e3edc8c0faf88c1e (patch)
tree85730c182a9f5f492ade8e8ccdb1c2356f9900bd /third_party/git/Documentation/RelNotes/2.20.2.txt
parent6f8fbf4aa4b1654ab27d4829e114538761817de0 (diff)
revert(3p/git): Revert merge of git upstream at v2.26.2 r/852
This causes cgit to serve error pages, which is undesirable.

This reverts commit 5229c9b232de5bfa959ad6ebbb4c8192ac513352, reversing
changes made to f2b211131f2347342dde63975b09cf603149f1a3.
Diffstat (limited to 'third_party/git/Documentation/RelNotes/2.20.2.txt')
-rw-r--r--third_party/git/Documentation/RelNotes/2.20.2.txt18
1 files changed, 0 insertions, 18 deletions
diff --git a/third_party/git/Documentation/RelNotes/2.20.2.txt b/third_party/git/Documentation/RelNotes/2.20.2.txt
deleted file mode 100644
index 8e680cb9fbf4..000000000000
--- a/third_party/git/Documentation/RelNotes/2.20.2.txt
+++ /dev/null
@@ -1,18 +0,0 @@
-Git v2.20.2 Release Notes
-=========================
-
-This release merges up the fixes that appear in v2.14.6, v2.15.4
-and in v2.17.3, addressing the security issues CVE-2019-1348,
-CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352,
-CVE-2019-1353, CVE-2019-1354, and CVE-2019-1387; see the release notes
-for those versions for details.
-
-The change to disallow `submodule.<name>.update=!command` entries in
-`.gitmodules` which was introduced v2.15.4 (and for which v2.17.3
-added explicit fsck checks) fixes the vulnerability in v2.20.x where a
-recursive clone followed by a submodule update could execute code
-contained within the repository without the user explicitly having
-asked for that (CVE-2019-19604).
-
-Credit for finding this vulnerability goes to Joern Schneeweisz,
-credit for the fixes goes to Jonathan Nieder.