mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-07 09:16:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
01eb48b7f5681f2c4a51ae63243a7c7ccdc8435e
poky/meta/recipes-devtools/git
History
Minjae Kim e006c87e22 git: fix CVE-2021-40330 
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character,
which may result in unexpected cross-protocol requests,
as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.

Upstream-Status: Backport [a02ea57717]
CVE: CVE-2021-40330
(From OE-Core rev: ea0d7ef4a8c9bba94bd603ebd19e502faa86293b)

Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-12-02 16:53:07 +00:00
..
files
git: fix CVE-2021-40330
2021-12-02 16:53:07 +00:00
git
git: Fix determinism issue
2021-11-03 11:18:56 +00:00
git_2.24.3.bb
git: Upgrade 2.24.1 -> 2.24.3
2020-05-28 18:15:29 +01:00
git.inc
git: fix CVE-2021-40330
2021-12-02 16:53:07 +00:00