From 9a42c03cb71eaa9d41ba67275de38c997a791c32 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Mon, 11 Sep 2017 11:27:51 -0400 Subject: shell: drop git-cvsserver support by default The git-cvsserver script is old and largely unmaintained these days. But git-shell allows untrusted users to run it out of the box, significantly increasing its attack surface. Let's drop it from git-shell's list of internal handlers so that it cannot be run by default. This is not backwards compatible. But given the age and development activity on CVS-related parts of Git, this is likely to impact very few users, while helping many more (i.e., anybody who runs git-shell and had no intention of supporting CVS). There's no configuration mechanism in git-shell for us to add a boolean and flip it to "off". But there is a mechanism for adding custom commands, and adding CVS support here is fairly trivial. Let's document it to give guidance to anybody who really is still running cvsserver. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- Documentation/git-shell.txt | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'Documentation') diff --git a/Documentation/git-shell.txt b/Documentation/git-shell.txt index 2e30a3e42d..54cf2560be 100644 --- a/Documentation/git-shell.txt +++ b/Documentation/git-shell.txt @@ -79,6 +79,22 @@ EOF $ chmod +x $HOME/git-shell-commands/no-interactive-login ---------------- +To enable git-cvsserver access (which should generally have the +`no-interactive-login` example above as a prerequisite, as creating +the git-shell-commands directory allows interactive logins): + +---------------- +$ cat >$HOME/git-shell-commands/cvs <<\EOF +if ! test $# = 1 && test "$1" = "server" +then + echo >&2 "git-cvsserver only handles \"server\"" + exit 1 +fi +exec git cvsserver server +EOF +$ chmod +x $HOME/git-shell-commands/cvs +---------------- + SEE ALSO -------- ssh(1), -- cgit v1.2.3 From 27dea4683b608c5c0487dee74cbda13b62803b73 Mon Sep 17 00:00:00 2001 
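Review bot: the argument guard in the new `cvs` command does not reject what it intends to. In `if ! test $# = 1 && test "$1" = "server"` the `!` binds only to the first `test`, so the condition reads "argument count is not 1 AND the first argument is `server`"; a call with no arguments, or with one argument other than `server`, falls straight through to `exec git cvsserver server` instead of printing the error and exiting. The intended check is the negation of the whole conjunction, e.g. `if test $# != 1 || test "$1" != "server"`. The impact is limited because the `exec` line hard-codes the `server` argument, so nothing from `$1` reaches git-cvsserver, but this snippet is the documented template admins will copy, so it should do what its error message says. It would also help to carry one sentence from the commit message into the doc next to the snippet (that git-cvsserver is old and largely unmaintained), so anyone opting back in sees the trade-off where they make the decision.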
From: Junio C Hamano Date: Fri, 22 Sep 2017 14:42:22 +0900 Subject: Git 2.10.5 Signed-off-by: Junio C Hamano --- Documentation/RelNotes/2.10.5.txt | 17 +++++++++++++++++ GIT-VERSION-GEN | 2 +- RelNotes | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 Documentation/RelNotes/2.10.5.txt (limited to 'Documentation') diff --git a/Documentation/RelNotes/2.10.5.txt b/Documentation/RelNotes/2.10.5.txt new file mode 100644 index 0000000000..a498fd6fdc --- /dev/null +++ b/Documentation/RelNotes/2.10.5.txt @@ -0,0 +1,17 @@ +Git v2.10.5 Release Notes +========================= + +Fixes since v2.10.4 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/GIT-VERSION-GEN b/GIT-VERSION-GEN index f0b293d4ff..5f322689df 100755 --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@ -1,7 +1,7 @@ #!/bin/sh GVF=GIT-VERSION-FILE -DEF_VER=v2.10.4 +DEF_VER=v2.10.5 LF=' ' diff --git a/RelNotes b/RelNotes index 6b165ea13f..0afb154492 120000 --- a/RelNotes +++ b/RelNotes @@ -1 +1 @@ -Documentation/RelNotes/2.10.4.txt \ No newline at end of file +Documentation/RelNotes/2.10.5.txt \ No newline at end of file -- cgit v1.2.3 From 39aaab109972d6bbc1d0ffe5d4de47bbd4b8bb07 Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Fri, 22 Sep 2017 14:44:45 +0900 Subject: Git 2.11.4 Signed-off-by: Junio C Hamano --- Documentation/RelNotes/2.11.4.txt | 17 +++++++++++++++++ GIT-VERSION-GEN | 2 +- RelNotes | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 Documentation/RelNotes/2.11.4.txt (limited to 'Documentation') 
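Review bot: the first bullet of `Documentation/RelNotes/2.10.5.txt` does not describe the change being released: `"git cvsserver" no longer is invoked by "git daemon" by default` attributes it to git-daemon, while the patch in this series (`shell: drop git-cvsserver support by default`) removes `cvsserver` from git-shell's internal handler list and leaves git-daemon untouched. Suggest `"git cvsserver" no longer is invoked by "git shell" by default`. The second bullet is phrased backwards ("did not use safe_pipe_capture() instead of backticks"); `used backticks instead of safe_pipe_capture(), leaving them susceptible to end-user input` says what is meant. Since this note is what administrators will read to decide whether they are affected, a pointer to the git-shell documentation for the opt-in custom command would be worth adding. The `GIT-VERSION-GEN` and `RelNotes` symlink hunks are the usual version bump and look fine.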
diff --git a/Documentation/RelNotes/2.11.4.txt b/Documentation/RelNotes/2.11.4.txt new file mode 100644 index 0000000000..ad4da8eb09 --- /dev/null +++ b/Documentation/RelNotes/2.11.4.txt @@ -0,0 +1,17 @@ +Git v2.11.4 Release Notes +========================= + +Fixes since v2.11.3 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/GIT-VERSION-GEN b/GIT-VERSION-GEN index 01d3c71340..845d2141d8 100755 --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@ -1,7 +1,7 @@ #!/bin/sh GVF=GIT-VERSION-FILE -DEF_VER=v2.11.3 +DEF_VER=v2.11.4 LF=' ' diff --git a/RelNotes b/RelNotes index ff91cb22f9..1f96450bd0 120000 --- a/RelNotes +++ b/RelNotes @@ -1 +1 @@ -Documentation/RelNotes/2.11.3.txt \ No newline at end of file +Documentation/RelNotes/2.11.4.txt \ No newline at end of file -- cgit v1.2.3 From 9752ad0bb79f680bca48db7adc45338b298304b0 Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Fri, 22 Sep 2017 14:47:41 +0900 Subject: Git 2.12.5 Signed-off-by: Junio C Hamano --- Documentation/RelNotes/2.12.5.txt | 17 +++++++++++++++++ GIT-VERSION-GEN | 2 +- RelNotes | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 Documentation/RelNotes/2.12.5.txt (limited to 'Documentation') diff --git a/Documentation/RelNotes/2.12.5.txt b/Documentation/RelNotes/2.12.5.txt new file mode 100644 index 0000000000..8fa73cfce7 --- /dev/null +++ b/Documentation/RelNotes/2.12.5.txt 
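Review bot: `Documentation/RelNotes/2.11.4.txt` carries the same two wording problems as the other maintenance-release notes in this series: the first bullet credits "git daemon" with a change that actually drops `cvsserver` from git-shell's handler list (suggest "git shell"), and the second bullet should read "used backticks instead of safe_pipe_capture()". The text is identical across these release-note files, so correcting it once and re-copying keeps them consistent. The version bump hunks are fine.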
@@ -0,0 +1,17 @@ +Git v2.12.5 Release Notes +========================= + +Fixes since v2.12.4 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/GIT-VERSION-GEN b/GIT-VERSION-GEN index b0e458e5fe..5a6193ad97 100755 --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@ -1,7 +1,7 @@ #!/bin/sh GVF=GIT-VERSION-FILE -DEF_VER=v2.12.4 +DEF_VER=v2.12.5 LF=' ' diff --git a/RelNotes b/RelNotes index 478bd29b26..6b0160b6f7 120000 --- a/RelNotes +++ b/RelNotes @@ -1 +1 @@ -Documentation/RelNotes/2.12.4.txt \ No newline at end of file +Documentation/RelNotes/2.12.5.txt \ No newline at end of file -- cgit v1.2.3 From 42e6fde5c28150206956ea4be490d886c4ecbd68 Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Fri, 22 Sep 2017 14:49:24 +0900 Subject: Git 2.13.6 Signed-off-by: Junio C Hamano --- Documentation/RelNotes/2.13.6.txt | 17 +++++++++++++++++ GIT-VERSION-GEN | 2 +- RelNotes | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 Documentation/RelNotes/2.13.6.txt (limited to 'Documentation') diff --git a/Documentation/RelNotes/2.13.6.txt b/Documentation/RelNotes/2.13.6.txt new file mode 100644 index 0000000000..afcae9c808 --- /dev/null +++ b/Documentation/RelNotes/2.13.6.txt 
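Review bot: `Documentation/RelNotes/2.12.5.txt` repeats the two wording issues of the 2.10.5 and 2.11.4 notes: the first bullet names "git daemon" where the released change is to git-shell's handler list (suggest "git shell"), and the second bullet's "did not use safe_pipe_capture() instead of backticks" should be "used backticks instead of safe_pipe_capture()". Nothing else in this patch needs attention; the `DEF_VER` and symlink hunks are the standard release bump.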
@@ -0,0 +1,17 @@ +Git v2.13.6 Release Notes +========================= + +Fixes since v2.13.5 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/GIT-VERSION-GEN b/GIT-VERSION-GEN index f3d4649a90..3db6830bed 100755 --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@ -1,7 +1,7 @@ #!/bin/sh GVF=GIT-VERSION-FILE -DEF_VER=v2.13.5 +DEF_VER=v2.13.6 LF=' ' diff --git a/RelNotes b/RelNotes index 7d44fd5bf4..c2dd9dd6ad 120000 --- a/RelNotes +++ b/RelNotes @@ -1 +1 @@ -Documentation/RelNotes/2.13.5.txt \ No newline at end of file +Documentation/RelNotes/2.13.6.txt \ No newline at end of file -- cgit v1.2.3 From 4010f1d1b782eb7585e0e0abcefa794bd5ff29a0 Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Fri, 22 Sep 2017 14:51:37 +0900 Subject: Git 2.14.2 Signed-off-by: Junio C Hamano --- Documentation/RelNotes/2.14.2.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'Documentation') diff --git a/Documentation/RelNotes/2.14.2.txt b/Documentation/RelNotes/2.14.2.txt index bcfe78f59d..bec9186ade 100644 --- a/Documentation/RelNotes/2.14.2.txt +++ b/Documentation/RelNotes/2.14.2.txt 
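Review bot: `Documentation/RelNotes/2.13.6.txt` has the same text as the 2.10.5, 2.11.4 and 2.12.5 notes and therefore the same two problems: "git daemon" in the first bullet should be "git shell", since the change removes `cvsserver` from git-shell rather than from git-daemon, and the second bullet reads more naturally as "used backticks instead of safe_pipe_capture()". The `DEF_VER=v2.13.6` bump and the `RelNotes` symlink update are correct.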
@@ -91,4 +91,15 @@ Fixes since v2.14.1 * "git archive" did not work well with pathspecs and the export-ignore attribute. + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + Also contains various documentation updates and code clean-ups. + +Credits go to joernchen for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. -- cgit v1.2.3
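Review bot: two points on the `Documentation/RelNotes/2.14.2.txt` hunk. First, as in the other maintenance notes in this series, the bullet `"git cvsserver" no longer is invoked by "git daemon" by default` should say "git shell", because the change drops `cvsserver` from git-shell's internal handlers and does not touch git-daemon; and "did not use safe_pipe_capture() instead of backticks" should be "used backticks instead of safe_pipe_capture()". Second, the new "Credits go to joernchen ..." paragraph is inserted after the pre-existing "Also contains various documentation updates and code clean-ups." line, which separates it from the two bullets it credits; placing it directly after those bullets (before the "Also contains" line) keeps the attribution next to the fixes it refers to.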