[ubuntu/jammy-security] git 1:2.34.1-1ubuntu1.12 (Accepted)

[Leonidas S. Barbosa]

git (1:2.34.1-1ubuntu1.12) jammy-security; urgency=medium

  * SECURITY UPDATE: crafted URL susceptibility
    - debian/patches/CVE-2024-50349-1.patch: sanitize credentials
      in credential.c, strbuf.c, strbuf.h,
      t/t0300-credentials.sh.
    - debian/patches/CVE-2024-50349-2.patch: credential sanitize
      the user prompt in credential.c, credential.h,
      t/t0300-credentials.sh, t/t5541-http-push-smart.sh,
      t/t5550-http-fetch-dumb.sh, t/t5551-http-fetch-smart.sh.
    - CVE-2024-50349
  * SECURITY UPDATE: Git may pass on Carriage Returns
    - debian/patches/CVE-2024-52006.patch: disallow carriage
      returns in the protocol by default in credential.c,
      credential.h, t/t0300-credentials.sh.
    - CVE-2024-52006

Date: 2025-01-14 09:30:12.271939+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.12
-------------- next part --------------
Sorry, changesfile not available.