[Bug 1563336] Re: [Ffe] Sync git 1:2.8.0~rc3-1 (main) from Debian unstable (main)
Logan Rosen
loganrosen at gmail.com
Sat Apr 2 03:11:15 UTC 2016
Unsubscribing ~ubuntu-sponsors. Please only subscribe once there is an
ack from the release team.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1563336
Title:
[Ffe] Sync git 1:2.8.0~rc3-1 (main) from Debian unstable (main)
Status in git package in Ubuntu:
New
Bug description:
Please sync git 1:2.8.0~rc3-1 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: New upstream release to fix denial of service or possible
remote code execution (LP: #1557787)
+ CVE-2016-2324
+ The previous upload only fixed one of the two security issues and 2.7.4
is needed to address the second
* New upstream release, with critical security bugfixes (LP: #1557787)
Included in new release.
Changelog entries since current xenial version 1:2.7.4-0ubuntu1:
git (1:2.8.0~rc3-1) unstable; urgency=medium
* new upstream release candidate (see RelNotes/2.8.0.txt).
* harden against on-stack and on-heap buffer overflows (CVE-2016-2324,
CVE-2016-2315; closes: #818318).
* debian/git.docs: update for README -> README.md renaming.
-- Jonathan Nieder <jrnieder at gmail.com> Wed, 16 Mar 2016 18:28:12
-0700
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1563336/+subscriptions
More information about the Ubuntu-sponsors
mailing list