Merge branch 'ps/apply-beyond-symlink' into maint-2.30 - git - Mirror of https://git.kernel.org/pub/scm/git/git.git/

diff options

author	Junio C Hamano <gitster@pobox.com>	2023-02-03 14:57:27 -0800
committer	Johannes Schindelin <johannes.schindelin@gmx.de>	2023-02-06 09:12:16 +0100
commit	a3033a68ac3886d44ee378784ae242f25afc9970 (patch)
tree	72737d582c2371a1b440bb630502398005eddb40 /t/t5604-clone-reference.sh
parent	Merge branch 'tb/clone-local-symlinks' into maint-2.30 (diff)
parent	apply: fix writing behind newly created symbolic links (diff)
download	git-a3033a68ac3886d44ee378784ae242f25afc9970.tar.gz git-a3033a68ac3886d44ee378784ae242f25afc9970.zip

Merge branch 'ps/apply-beyond-symlink' into maint-2.30

Fix a vulnerability (CVE-2023-23946) that allows crafted input to trick `git apply` into writing files outside of the working tree. * ps/apply-beyond-symlink: dir-iterator: prevent top-level symlinks without FOLLOW_SYMLINKS Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Diffstat (limited to 't/t5604-clone-reference.sh')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: