-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 11 Jan 2025 20:46:03 +0100 Source: git Binary: git-all git-cvs git-daemon-run git-daemon-sysvinit git-doc git-email git-gui git-man git-mediawiki git-svn gitk gitweb Architecture: all Version: 1:2.39.5-0+deb12u2 Distribution: bookworm-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Salvatore Bonaccorso Description: git-all - fast, scalable, distributed revision control system (all subpacka git-cvs - fast, scalable, distributed revision control system (cvs interope git-daemon-run - fast, scalable, distributed revision control system (git-daemon s git-daemon-sysvinit - fast, scalable, distributed revision control system (git-daemon s git-doc - fast, scalable, distributed revision control system (documentatio git-email - fast, scalable, distributed revision control system (email add-on git-gui - fast, scalable, distributed revision control system (GUI) git-man - fast, scalable, distributed revision control system (manual pages git-mediawiki - fast, scalable, distributed revision control system (MediaWiki re git-svn - fast, scalable, distributed revision control system (svn interope gitk - fast, scalable, distributed revision control system (revision tre gitweb - fast, scalable, distributed revision control system (web interfac Changes: git (1:2.39.5-0+deb12u2) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * credential_format(): also encode [:] * credential: sanitize the user prompt (CVE-2024-50349) * credential: disallow Carriage Returns in the protocol by default (CVE-2024-52006) Checksums-Sha1: ea1707449253993c72c79801901f3d7c392bd50b 981124 git-all_2.39.5-0+deb12u2_all.deb 44609eb62914db6d5e2e57b30af1b97282d414f6 1044920 git-cvs_2.39.5-0+deb12u2_all.deb 4a78927518bc306f5b3b4b514974895d14822d0a 982692 git-daemon-run_2.39.5-0+deb12u2_all.deb e05d4b1cccc27b479cf908af2860b98d87f02b90 983912 git-daemon-sysvinit_2.39.5-0+deb12u2_all.deb 0c5cb73bc7e7e136d61d4b798b1b9861309cd0e7 2153508 git-doc_2.39.5-0+deb12u2_all.deb 5904c9f19d4b924a93858201a1f40cbc72261356 1008792 git-email_2.39.5-0+deb12u2_all.deb a6e5f9119a7bdb06785b3e39ddb5b5e60ec70e37 1199776 git-gui_2.39.5-0+deb12u2_all.deb a45159da5cfaf97170d10eef605d5d7ac9f21846 2053284 git-man_2.39.5-0+deb12u2_all.deb f2d0dc748517b826870bbf0744658d1d91fae9de 997340 git-mediawiki_2.39.5-0+deb12u2_all.deb cce9eea1db7f249ffdb617338cebc898b2030351 1056836 git-svn_2.39.5-0+deb12u2_all.deb 859ed3690ff588dc38ee0f5bc49996d40d059c9b 11745 git_2.39.5-0+deb12u2_all-buildd.buildinfo cb00e0c1bc29ad82b17b74c9ac2d5c4e2dfbb721 1117300 gitk_2.39.5-0+deb12u2_all.deb 17e858ee9e8371c65544efef9c180134facc7a5f 984688 gitweb_2.39.5-0+deb12u2_all.deb Checksums-Sha256: 58776b72b34e6b2d2cb4a6ec0c34e8ceb42b97958c2a43b8c894760189e607fc 981124 git-all_2.39.5-0+deb12u2_all.deb 566816f91e00a8dbab26ebbfa64e5263d0e34b0f820def2313d4f8aeaa67bea0 1044920 git-cvs_2.39.5-0+deb12u2_all.deb 56f4fac6315b6fe0b59c69b8f27af6b94410f18131f1fcbb42ef7873587bc793 982692 git-daemon-run_2.39.5-0+deb12u2_all.deb 26eaa6195697054338f2d5ede27d3944c43cc4aa615e79bc26414fcfa654144c 983912 git-daemon-sysvinit_2.39.5-0+deb12u2_all.deb 0d2f73d674b55178cca1974ae3cd6de06a618017b916451bc71d30e4aeeded3a 2153508 git-doc_2.39.5-0+deb12u2_all.deb 67518ecc82174a02675eb6890469bed86b94e3eaf98ab5f554a4def7698c75d6 1008792 git-email_2.39.5-0+deb12u2_all.deb 91843160f03ce16e269a7b7442dbbb6cb84d34bdec826af1417d9aa9ad5e3742 1199776 git-gui_2.39.5-0+deb12u2_all.deb e0355241d0207d3f1b056c1084375e87e804f24067d59b92f45b5e34782b9a43 2053284 git-man_2.39.5-0+deb12u2_all.deb 8e2f805bd230416120039a08e28ffc768fc59c25fc316528df5718c6519cc003 997340 git-mediawiki_2.39.5-0+deb12u2_all.deb b8fc8b5ccd2958caaf23e54d8d063891e7449bcb2bd69ed55e71fd21ef19d356 1056836 git-svn_2.39.5-0+deb12u2_all.deb 32fec221f6177b2f268b0825f1e53789ea5b95966ff8344b0ae369d836747599 11745 git_2.39.5-0+deb12u2_all-buildd.buildinfo 7f31ab3148f56e8053d68ba39cca5a9cf025d2228d23717e9c4212553f6778ec 1117300 gitk_2.39.5-0+deb12u2_all.deb c07115dc6e8514848e99ade02c55a1a51f87e21d1392f1094a64b42373f1a582 984688 gitweb_2.39.5-0+deb12u2_all.deb Files: 21ee940525042a4c78338565abe711bd 981124 vcs optional git-all_2.39.5-0+deb12u2_all.deb fb96193fe2bef2e1cc28de3656fc31ab 1044920 vcs optional git-cvs_2.39.5-0+deb12u2_all.deb 5acf79bf968aecb54f2056a4db6c17bd 982692 vcs optional git-daemon-run_2.39.5-0+deb12u2_all.deb 394c17474c34837459e1235ad27156c0 983912 vcs optional git-daemon-sysvinit_2.39.5-0+deb12u2_all.deb 309e8239458cee4e2113162cd1d72918 2153508 doc optional git-doc_2.39.5-0+deb12u2_all.deb 0da0707440d630dcc95e6339ed7a50c8 1008792 vcs optional git-email_2.39.5-0+deb12u2_all.deb 79c14e9d2e4bfb27bd36201d3761a2df 1199776 vcs optional git-gui_2.39.5-0+deb12u2_all.deb 1a00ed9250b6fefa628555eca9847d51 2053284 doc optional git-man_2.39.5-0+deb12u2_all.deb 0a1902050ce8dce84011495c5c688dac 997340 vcs optional git-mediawiki_2.39.5-0+deb12u2_all.deb 4afa69ae52fc6924a0b7b0c1cb26ad15 1056836 vcs optional git-svn_2.39.5-0+deb12u2_all.deb 6d6ebc8c8b2e2fa351bcff06d6b36b34 11745 vcs optional git_2.39.5-0+deb12u2_all-buildd.buildinfo c115e1f3c6740e6843b3f1381fd7e89a 1117300 vcs optional gitk_2.39.5-0+deb12u2_all.deb c387807756d05b6542731d84c463165a 984688 vcs optional gitweb_2.39.5-0+deb12u2_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmeEI5UACgkQ4cagXJhO TXsimg/9HNoSeAw3MLlqaT/+1LyoUFZ+Ueeo3X1ruKTBLQjh3JZmyzqD1eaCVFWV u/+vE9AnMLXGBWJjI28OiY94joZVTrUD47qbj/bIimz0EVljpxYoiChd9iOUbOKd 2ehu7QcqFERssTI7iSn8q+eNPBfqn7e86klKUgqPvCoGxneorwBhEumj/pMnzo2J Dq1xWxtMmQPq8TUTyZnB3K1mTAXor6vzECakW/cALsR4lCFg6D4F3kzYWsLPzp2W X4A8Ofl0YMwUqsXWUjJC30FPTd7OapvNFg+lEkdLTQBDCWViwgHDdGyr7KhCieT8 Msgu+TM6T4uk+XVZWdR2RWkbnw+d2hGkS3aD+LHzNJ06mM/RBKy9FlupuL5nhZmZ 60kO9DdR56/gN6O6etiX5SilD1tmDWnmOuKlxKGE6KR8a+QIPUESx1kYKmAEo/3I qS3VlpNoiDoCggVxw+tfkt3qlWNulL4m3OTdiIay/p9uAX25VB3wkTJvbNc69qCd SrqpwhtVpulR5w+KVV3WO8MNxPmwq0Y0F7HKLkxWhRLxTFiR0XssHHSbO4ELTBb4 +JXR0UWz/GYRQBaeWeupug/g/ra3nY+q8+hxFqdLWNBalgKNvaWtgcIjb4iJ0LEh 8+lm9Z4A+D7UxKDEKpjYXk25yEh+jXzcBrkFnCxgu39Geq41nyw= =PbwD -----END PGP SIGNATURE-----