Sync with 2.13.6

Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Junio C Hamano <gitster@pobox.com> 2017-09-22 14:50:02 +0900
committer: Junio C Hamano <gitster@pobox.com> 2017-09-22 14:50:02 +0900
commit: cef9271e0181fa22d337dca3a17bf07aa92a03e8 (patch)
tree: ed8dd5e419be8c24d40d8be277944f59a87979ec /Documentation/RelNotes/2.12.5.txt
parent: RelNotes: further fixes for 2.14.2 from the master front (diff)
parent: Git 2.13.6 (diff)
download: git-cef9271e0181fa22d337dca3a17bf07aa92a03e8.tar.gz
git-cef9271e0181fa22d337dca3a17bf07aa92a03e8.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/Documentation/RelNotes/2.12.5.txt b/Documentation/RelNotes/2.12.5.txt
new file mode 100644
index 0000000000..8fa73cfce7
--- /dev/null
+++ b/Documentation/RelNotes/2.12.5.txt
@@ -0,0 +1,17 @@
+Git v2.12.5 Release Notes
+=========================
+
+Fixes since v2.12.4
+-------------------
+
+ * "git cvsserver" no longer is invoked by "git daemon" by default,
+   as it is old and largely unmaintained.
+
+ * Various Perl scripts did not use safe_pipe_capture() instead of
+   backticks, leaving them susceptible to end-user input.  They have
+   been corrected.
+
+Credits go to joernchen <joernchen@phenoelit.de> for finding the
+unsafe constructs in "git cvsserver", and to Jeff King at GitHub for
+finding and fixing instances of the same issue in other scripts.
+
author	Junio C Hamano <gitster@pobox.com>	2017-09-22 14:50:02 +0900
committer	Junio C Hamano <gitster@pobox.com>	2017-09-22 14:50:02 +0900
commit	cef9271e0181fa22d337dca3a17bf07aa92a03e8 (patch)
tree	ed8dd5e419be8c24d40d8be277944f59a87979ec /Documentation/RelNotes/2.12.5.txt
parent	RelNotes: further fixes for 2.14.2 from the master front (diff)
parent	Git 2.13.6 (diff)
download	git-cef9271e0181fa22d337dca3a17bf07aa92a03e8.tar.gz git-cef9271e0181fa22d337dca3a17bf07aa92a03e8.zip