Fedora has issued an advisory on November 28: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SIQD4R3AXAVLC7I56GWWF23JHSCDSW2J/ The issue is fixed upstream in 2.19.2.
There is no activity on this bug despite it's marked security + critical. What's missing?
Maintainer time... SRPM: git-2.13.7-1.3.mga6.src.rpm i586: git-2.13.7-1.3.mga6.i586.rpm git-arch-2.13.7-1.3.mga6.i586.rpm git-core-2.13.7-1.3.mga6.i586.rpm git-core-oldies-2.13.7-1.3.mga6.i586.rpm git-cvs-2.13.7-1.3.mga6.i586.rpm git-email-2.13.7-1.3.mga6.i586.rpm gitk-2.13.7-1.3.mga6.i586.rpm git-prompt-2.13.7-1.3.mga6.i586.rpm git-svn-2.13.7-1.3.mga6.i586.rpm gitweb-2.13.7-1.3.mga6.i586.rpm libgit-devel-2.13.7-1.3.mga6.i586.rpm perl-Git-2.13.7-1.3.mga6.i586.rpm perl-Git-SVN-2.13.7-1.3.mga6.i586.rpm x86_64: git-2.13.7-1.3.mga6.x86_64.rpm git-arch-2.13.7-1.3.mga6.x86_64.rpm git-core-2.13.7-1.3.mga6.x86_64.rpm git-core-oldies-2.13.7-1.3.mga6.x86_64.rpm git-cvs-2.13.7-1.3.mga6.x86_64.rpm git-email-2.13.7-1.3.mga6.x86_64.rpm gitk-2.13.7-1.3.mga6.x86_64.rpm git-prompt-2.13.7-1.3.mga6.x86_64.rpm git-svn-2.13.7-1.3.mga6.x86_64.rpm gitweb-2.13.7-1.3.mga6.x86_64.rpm lib64git-devel-2.13.7-1.3.mga6.x86_64.rpm perl-Git-2.13.7-1.3.mga6.x86_64.rpm perl-Git-SVN-2.13.7-1.3.mga6.x86_64.rpm
Assignee: tmb => qa-bugs
Installed and tested without issues. Tests included local and remote (HTTPS, SSH) repositories and usual operation (e.g. init, clone, status, diff, add, commit, push, pull, stash). System: Mageia 6, x86_64, Intel CPU. $ uname -a Linux marte 4.14.119-desktop-1.mga6 #1 SMP Tue May 14 19:26:16 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ rpm -qa | grep -i git | grep -v .git | sort git-2.13.7-1.3.mga6 git-arch-2.13.7-1.3.mga6 git-core-2.13.7-1.3.mga6 git-core-oldies-2.13.7-1.3.mga6 git-cvs-2.13.7-1.3.mga6 git-email-2.13.7-1.3.mga6 gitk-2.13.7-1.3.mga6 git-prompt-2.13.7-1.3.mga6 git-svn-2.13.7-1.3.mga6 perl-Git-2.13.7-1.3.mga6 perl-Git-SVN-2.13.7-1.3.mga6
Whiteboard: (none) => MGA6-64-OKCC: (none) => mageia
Have been using this update for about two weeks without issues. I would be good to have more people testing but I think its time to push this forward. I can write an advisory if no one objects.
Validating. I have no objection to PC LX writing a suggested advisory.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => tmb
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0199.html
Status: NEW => RESOLVEDResolution: (none) => FIXED