Merge branch 'ps/apply-beyond-symlink' into maint-2.30 - user/sven/git.git

diff options

author	Junio C Hamano <gitster@pobox.com>	2023-02-03 14:57:27 -0800
committer	Johannes Schindelin <johannes.schindelin@gmx.de>	2023-02-06 09:12:16 +0100
commit	a3033a68ac3886d44ee378784ae242f25afc9970 (patch)
tree	72737d582c2371a1b440bb630502398005eddb40 /builtin/commit.c
parent	2c9a4c731010685b86559c06637aeef2ac5ea06e (diff)
parent	fade728df1221598f42d391cf377e9e84a32053f (diff)

Merge branch 'ps/apply-beyond-symlink' into maint-2.30

Fix a vulnerability (CVE-2023-23946) that allows crafted input to trick `git apply` into writing files outside of the working tree. * ps/apply-beyond-symlink: dir-iterator: prevent top-level symlinks without FOLLOW_SYMLINKS Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Diffstat (limited to 'builtin/commit.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: