godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-02 21:48:20 +03:00
Code Issues Packages Projects Releases Wiki Activity
54,619 Commits 28 Branches 277 Tags
2020.11.x
Commit Graph

44 Commits

Author SHA1 Message Date
Thomas Petazzoni
80898842bf package/git: indicate that license file hashes are locally calculated 
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2020-04-27 22:04:32 +02:00
Matt Weber
65418eabd4 package/git: bump to 2.26.2 
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2020-04-27 22:04:06 +02:00
Matt Weber
4f35396135 package/git: bump to 2.26.1 
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2020-04-21 21:37:33 +02:00
Fabrice Fontaine
390b8d6b42 package/git: bump to version 2.26.0 
Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2020-04-11 09:51:06 +02:00
Peter Korsgaard
108b76dbd4 package/git: security bump to version 2.24.1 
Fixes the following security vulnerabilities:

* CVE-2019-1348:
   The --export-marks option of git fast-import is exposed also via
   the in-stream command feature export-marks=... and it allows
   overwriting arbitrary paths.

 * CVE-2019-1349:
   When submodules are cloned recursively, under certain circumstances
   Git could be fooled into using the same Git directory twice. We now
   require the directory to be empty.

 * CVE-2019-1350:
   Incorrect quoting of command-line arguments allowed remote code
   execution during a recursive clone in conjunction with SSH URLs.

 * CVE-2019-1351:
   While the only permitted drive letters for physical drives on
   Windows are letters of the US-English alphabet, this restriction
   does not apply to virtual drives assigned via subst <letter>:
   <path>. Git mistook such paths for relative paths, allowing writing
   outside of the worktree while cloning.

 * CVE-2019-1352:
   Git was unaware of NTFS Alternate Data Streams, allowing files
   inside the .git/ directory to be overwritten during a clone.

 * CVE-2019-1353:
   When running Git in the Windows Subsystem for Linux (also known as
   "WSL") while accessing a working directory on a regular Windows
   drive, none of the NTFS protections were active.

 * CVE-2019-1354:
   Filenames on Linux/Unix can contain backslashes. On Windows,
   backslashes are directory separators. Git did not use to refuse to
   write out tracked files with such filenames.

 * CVE-2019-1387:
   Recursive clones are currently affected by a vulnerability that is
   caused by too-lax validation of submodule names, allowing very
   targeted attacks via remote code execution in recursive clones.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2019-12-12 08:21:34 +01:00
Matt Weber
cfb4d62b68 package/git: bump to 2.24.0 
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2019-11-16 23:44:30 +01:00
Vadim Kochan
8aa5ee1721 package/git: bump to version 2.22.0 
Remove patch with NLS fix because it is was added into latest version.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
 2019-06-11 00:35:21 +02:00
Peter Korsgaard
063eff9bc6 git: security bump to version 2.16.5 
Fixes CVE-2018-17456: RCE issue in handling of git submodules

For more details, see the announcement:
https://marc.info/?l=git&m=153875888916397&w=2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-10-07 21:52:37 +02:00
Baruch Siach
ae1f047295 git: security bump to version 2.16.4 
Forward port of security fixes from the 2.13.7 release. The 2.13.7
release notes say this:

 * Submodule "names" come from the untrusted .gitmodules file, but we
   blindly append them to $GIT_DIR/modules to create our on-disk repo
   paths. This means you can do bad things by putting "../" into the
   name. We now enforce some rules for submodule names which will cause
   Git to ignore these malicious names (CVE-2018-11235).

   Credit for finding this vulnerability and the proof of concept from
   which the test script was adapted goes to Etienne Stalmans.

 * It was possible to trick the code that sanity-checks paths on NTFS
   into reading random piece of memory (CVE-2018-11233).

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-05-29 21:45:36 +02:00
Bernd Kuhls
9447e86618 package/git: bump version to 2.16.3 
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-04-02 15:45:02 +02:00
Bernd Kuhls
5e7e27a3a7 package/git: bump version to 2.16.1 
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-01-28 11:54:20 +01:00
Bernd Kuhls
e8ba19ba60 package/git: bump version to 2.15.0 
To avoid the build error

grep.c:(.text+0xa02): undefined reference to `pcre_jit_exec'

we need to add NO_LIBPCRE1_JIT=1 according to
https://www.spinics.net/lists/git/msg314515.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-10-31 20:09:20 +01:00
Bernd Kuhls
8e0c7ce50b package/git: security bump to version 2.13.6 
Release notes:
https://public-inbox.org/git/xmqqy3p29ekj.fsf@gitster.mtv.corp.google.com/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-09-27 22:03:50 +02:00
Bernd Kuhls
20cf789403 package/git: security bump to version 2.13.5 
Fixes CVE-2017-1000117:
http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
 2017-08-12 22:56:21 +02:00
Baruch Siach
cd60692427 git: bump to version 2.13.3 
Add license files hashes.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-07-18 23:57:18 +02:00
Vicente Olivert Riera
312d71c7a9 git: bump version to 2.13.0 
Patches 0001 and 0002 already included in this release:
  379642bcd8
  2225e1ea20

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-05-10 23:44:27 +02:00
Vicente Olivert Riera
3967abfc89 git: bump version to 2.12.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-03-28 21:44:21 +02:00
Vicente Olivert Riera
cbb23d5d05 git: bump version to 2.12.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-03-21 17:30:29 +01:00
Vicente Olivert Riera
941dc2ac8c git: bump version to 2.12.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-03-10 21:50:26 +01:00
Bernd Kuhls
738871e601 package/git: bump version to 2.11.1 
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-02-04 13:03:09 +01:00
Vicente Olivert Riera
a8ab83fada git: bump version to 2.11.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-11-30 11:59:27 +01:00
Vicente Olivert Riera
dcf7a64b46 git: bump version to 2.10.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-11-01 14:58:34 +01:00
Vicente Olivert Riera
917bf769db git: bump version to 2.10.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-10-13 08:01:55 +02:00
Vicente Olivert Riera
d1cb59adac git: bump version to 2.10.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-09-05 21:07:42 +02:00
Rodrigo Rebello
ca4237c766 git: bump version to 2.9.3 
Signed-off-by: Rodrigo Rebello <rprebello@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-08-17 15:04:23 +02:00
Vicente Olivert Riera
f96e951275 git: bump version to 2.9.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-07-14 12:31:45 +02:00
Vicente Olivert Riera
ae61f4ecbb git: bump version to 2.8.3 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-05-22 22:48:16 +02:00
Vicente Olivert Riera
f3698c600c git: bump version to 2.8.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-05-04 22:45:26 +02:00
Vicente Olivert Riera
576e073a36 git: bump version to 2.8.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-04-05 21:32:12 +02:00
Vicente Olivert Riera
62b1de3fb4 git: bump version to 2.8.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-03-29 16:55:29 +02:00
Vicente Olivert Riera
8d73629bb2 git: bump version to 2.7.4 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-03-18 21:52:47 +01:00
Vicente Olivert Riera
bdf2bfe8b4 git: bump version to 2.6.4 
- Bump version to 2.6.4
- Update the hash value
- Remove 0002-Makefile-make-curl-config-path-configurable.patch
  - This patch is now part of upstream:
    f89158760d

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-12-09 23:12:01 +01:00
Vicente Olivert Riera
1c25c63a14 git: bump to version 2.6.1 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-10-06 18:34:59 +02:00
Vicente Olivert Riera
3cda54971e git: bump to version 2.6.0 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-09-30 13:52:44 +02:00
Vicente Olivert Riera
71a0b33a0d git: bump to version 2.5.3 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-09-19 13:58:15 +02:00
Vicente Olivert Riera
d4d2bcfa1e git: bump version to 2.5.2 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-09-11 19:48:43 +02:00
Vicente Olivert Riera
614c287a6c git: bump to version 2.4.5 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-07-02 11:00:29 +02:00
Vicente Olivert Riera
c7fec23ecc git: bump to version 2.4.4 
- Bump to version 2.4.4
- Update hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-06-19 20:13:50 +02:00
Vicente Olivert Riera
9a426b6bcb git: bump version to 2.3.2 
- Bump version to 2.3.2
- Update the hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-03-07 17:41:40 +01:00
Vicente Olivert Riera
9085505c02 git: bump version to 2.3.1 
- Bump version to 2.3.1
- Update the hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-02-26 22:36:25 +01:00
Vicente Olivert Riera
58c1d5baed git: bump verstion to 2.3.0 
- Bump version to 2.3.0
- Update the hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-02-07 17:40:59 +01:00
Gustavo Zacarias
59b3b3edd6 git: security bump to version 2.2.1 
Fixes:
CVE-2014-9390 - arbitrary command execution vulnerability on
case-insensitive file systems.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-12-19 21:41:03 +01:00
Vicente Olivert Riera
46ede997d4 git: bump version to 2.2.0 
- Bump version to 2.2.0
- Update the hash value

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-11-27 20:34:50 +01:00
Vicente Olivert Riera
ff9b9adb06 git: bump version to 2.1.3 
- Bump version to 2.1.3
- Add a hash file

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-11-19 22:41:00 +01:00