A security issue fixed upstream in Git has been announced today (April 20): https://www.openwall.com/lists/oss-security/2020/04/20/1 The upstream advisory is here: https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7 The issue is fixed upstream in 2.21.3 and 2.26.2. Thomas Backlund has already built the updates. Updated packages for Mageia 7: git-2.21.3-1.mga7 git-core-2.21.3-1.mga7 gitk-2.21.3-1.mga7 libgit-devel-2.21.3-1.mga7 git-subtree-2.21.3-1.mga7 git-svn-2.21.3-1.mga7 git-cvs-2.21.3-1.mga7 git-arch-2.21.3-1.mga7 git-email-2.21.3-1.mga7 perl-Git-2.21.3-1.mga7 perl-Git-SVN-2.21.3-1.mga7 git-core-oldies-2.21.3-1.mga7 gitweb-2.21.3-1.mga7 git-prompt-2.21.3-1.mga7 from git-2.21.3-1.mga7.src.rpm
CC: (none) => tmb
MGA7-64 Plasma on Lenovo B50 No installation issues. Deleted -git folder from previous test bug 26483 $ git init Initialized empty Git repository in /home/tester7/.git/ [tester7@mach5 ~]$ git config --global user.name "tester7" [tester7@mach5 ~]$ git config --global user.email "herman.viaene@hotmail.be" [tester7@mach5 ~]$ git add ~/Documents/okra/zwemmen.ods [tester7@mach5 ~]$ git branch [tester7@mach5 ~]$ git show fatal: your current branch 'master' does not have any commits yet [tester7@mach5 ~]$ git commit [master (root-commit) df3b657] new file: Documents/okra/zwemmen.ods 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 Documents/okra/zwemmen.ods [tester7@mach5 ~]$ git show commit df3b6578b02040a588ea5aa325f8bd405252804e (HEAD -> master) Author: tester7 <herman.viaene@hotmail.be> Date: Wed Apr 22 14:27:07 2020 +0200 new file: Documents/okra/zwemmen.ods diff --git a/Documents/okra/zwemmen.ods b/Documents/okra/zwemmen.ods new file mode 100644 index 0000000..f7f7b7e Binary files /dev/null and b/Documents/okra/zwemmen.ods differ Remark: the "master" does not appear in the prompt after the init. I don't know whether this is really important, but I guess it should be there.
CC: (none) => herman.viaene
Debian and Ubuntu have issued advisories for this on April 20 and 21: https://www.debian.org/security/2020/dsa-4659 https://usn.ubuntu.com/4334-1/
Severity: normal => major
Whiteboard: (none) => MGA7-64-OKCC: (none) => sysadmin-bugsKeywords: (none) => advisory, validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0181.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED