7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
An update that solves one vulnerability, contains two
features and has two fixes is now available.
Description:
This update for git fixes the following issues:
Update from version 2.26.2 to version 2.31.1 (jsc#SLE-18152)
Security fixes:
Non security changes:
sysusers
file to create git-daemon
user.perl-base
and openssh-server
dependency on git-core
andperl-Git
package. (jsc#SLE-17838)fsmonitor
bug fixesgit bisect
to take an annotated tag as a good/bad endpointgit mv
on case insensitive systemsopenssh-clients
where possible (like Tumbleweed or SUSErsync
requirement, not necessary anymore.pack-redundant
command is discouraged and will trigger arepack -d
.--format=%(trailers)
mechanism gets enhanced to make it easier tofast-forwards
.core.abbrev
can be set to no
to force nogit rev-parse
can be explicitly told to give output as absolute or--path-format=(absolute|relative)
option.git
subcommands.git maintenance
learned to drive scheduled maintenance on platforms@{0}
and @{1}
,@{1}
git bundle
learns --stdin
option to read its refs from the standardgit log
learned a new --diff-merges=<how>
option.git ls-files
can and does show multiple entries when the index is-s/-u
option is in--deduplicate
has been introduced.git worktree list
now annotates worktrees as prunable, shows locked--porcelain mode
, and gained a --verbose
git clone
tries to locally check out the branch pointed at by HEAD of..
for a single token to denote a commit range", namely
<rev>^!and
<rev>^-<n>, but
git range-diff` did notgit range-diff
command learned --(left|right)-only
option togit mergetool
feeds three versions (base, local and remote) of a.mailmap
is documented to be read only from the root level of agit maintenance
tool learned a new pack-refs
maintenance task.git rev-list
command learned --disk-usage
option.git diff
, git log
--{skip,rotate}-to=<path>
allows the user togit difftool
learned --skip-to=<path>
option to restart angit grep
has been tweaked to be limited to the sparse checkout paths.git rebase --[no-]fork-point
gained a configuration variablerebase.forkPoint
so that users do not have to keep specifying agit stash
did not work well in a sparsely checked out working tree.git://
URL are nowUserdiff
updates for PHP, Rust, CSSgit push --force-with-lease[=<ref>]
by introducing --force-if-includes
asciidoctor
for the default ruby version--committer-date-is-author-date
option of rebase
and am
git worktree
gained a repair
subcommand, git init --separate-git-dir
no longer corrupts administrative data related togit maintenance
introduced for repository maintenance tasksfetch.writeCommitGraph
is deemed to be still a bit too risky and is nofeature.experimental
set.diff
family honors the diff.relative
git diff-files
has been taught to say paths that are marked asintent-to-add
are new files, not modified from an empty blob.git gui
now allows opening work trees from the start-up dialog.git bugreport
reports what shell is in use.git fast-import
has an option to pass these timestamps intact to allowgit describe
will always use the long
version when giving its outputgit pull
issues a warning message until the pull.rebase
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or βzypper patchβ.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2555=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.3 | aarch64 | <Β - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm | |
openSUSE Leap | 15.3 | ppc64le | <Β - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm | |
openSUSE Leap | 15.3 | s390x | <Β - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm | |
openSUSE Leap | 15.3 | x86_64 | <Β - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm | |
openSUSE Leap | 15.3 | noarch | <Β - openSUSE Leap 15.3 (noarch): | - openSUSE Leap 15.3 (noarch):.noarch.rpm |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P