|| ||Junio C Hamano <email@example.com>|
|| ||[ANNOUNCE] GIT 1.1.5|
|| ||Fri, 27 Jan 2006 20:48:33 -0800|
The latest maintenance release GIT 1.1.5 is available at the
Mark Wooding noticed that there is a bug in git-checkout-index
to overflow its internal buffer, if you construct a blob that
records an insanely long symbolic link in your index file and
try to check it out. This makes it dump core or worse.
The fix for this problem is the only change from v1.1.4. The
master branch has been updated with the same fix (so has "pu").
By the way, "dump core or worse" is a subtle way to say that
this is a security fix. To be victimized, you have to somehow
first get such a bogus symbolic link in your index. Merging
with somebody of dubious trustworthiness is a way to do so;
please practice safe merge ;-).
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/