Revision a7b1ad3b05fd1dc03c3de12ea4f2d8118ad24e2c authored by Johannes Schindelin on 03 October 2019, 18:44:34 UTC, committed by Johannes Schindelin on 04 December 2019, 12:23:22 UTC
The `--export-marks` option of `git fast-import` is exposed also via the in-stream command `feature export-marks=...` and it allows overwriting arbitrary paths. This topic branch prevents the in-stream version, to prevent arbitrary file accesses by `git fast-import` streams coming from untrusted sources (e.g. in remote helpers that are based on `git fast-import`). This fixes CVE-2019-1348. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
| File | Mode | Size |
|---|---|---|
| .gitignore | -rw-r--r-- | 7 bytes |
| README | -rw-r--r-- | 10.6 KB |
| TEAMS | -rw-r--r-- | 2.1 KB |
| bg.po | -rw-r--r-- | 614.9 KB |
| ca.po | -rw-r--r-- | 474.2 KB |
| de.po | -rw-r--r-- | 488.0 KB |
| fr.po | -rw-r--r-- | 508.5 KB |
| git.pot | -rw-r--r-- | 305.4 KB |
| is.po | -rw-r--r-- | 3.3 KB |
| it.po | -rw-r--r-- | 128.2 KB |
| ko.po | -rw-r--r-- | 496.6 KB |
| pt_PT.po | -rw-r--r-- | 482.9 KB |
| ru.po | -rw-r--r-- | 591.4 KB |
| sv.po | -rw-r--r-- | 492.5 KB |
| vi.po | -rw-r--r-- | 544.8 KB |
| zh_CN.po | -rw-r--r-- | 449.0 KB |
Computing file changes ...
