[Buildroot] [PATCH v1 1/2] package/git: bump version to 2.30.2

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sat Mar 20 20:47:39 UTC 2021


On Thu, 18 Mar 2021 21:16:54 +0100
Peter Seiderer <ps.report at gmx.net> wrote:

> Fix CVE-2021-21300:
> 
>   On case-insensitive file systems with support for symbolic links,
>   if Git is configured globally to apply delay-capable clean/smudge
>   filters (such as Git LFS), Git could be fooled into running
>   remote code during a clone.
> 
> For details see [1] and [2].
> 
> [1] http://lkml.iu.edu/hypermail/linux/kernel/2102.1/01858.html
> [2] http://lkml.iu.edu/hypermail/linux/kernel/2103.1/02533.html
> 
> Signed-off-by: Peter Seiderer <ps.report at gmx.net>
> ---
>  package/git/git.hash | 2 +-
>  package/git/git.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)

Both applied to master, thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com



More information about the buildroot mailing list