-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 22 Feb 2023 17:51:09 +0800
Source: git
Architecture: source
Version: 1:2.30.2-1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Jonathan Nieder <jrnieder@gmail.com>
Changed-By: Aron Xu <aron@debian.org>
Changes:
git (1:2.30.2-1+deb11u2) bullseye-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2023-22490: data exfiltration while performing local clone from
malicious repository
* CVE-2023-23946: path traversal vulnerbility in git-apply that a path
outside the working tree can be overwritten as the acting user Checksums-Sha1:
d70cf7b6d7911420705654d67c905be7a625bfbd 2525 git_2.30.2-1+deb11u2.dsc
edacf69b3db1153a083dde7c4f4e58d567a9290b 698392 git_2.30.2-1+deb11u2.debian.tar.xz
4ab4bcb5f3fdd6625b44b1cedc22c091ac01ade7 7429 git_2.30.2-1+deb11u2_source.buildinfo
Checksums-Sha256:
81c919ef1a321ae7c6eb9ecbb29d1c0fc052ffe96d4c8540c04d64cdcc5ed5c6 2525 git_2.30.2-1+deb11u2.dsc
ca456459c18359a34008db6f68cd0f7bf470e3e4eb7093a982b67c51277a0f58 698392 git_2.30.2-1+deb11u2.debian.tar.xz
c118c9d47adbd0d4e58f95696d3d094d2f450730f0b55fd24cebdbad068069ff 7429 git_2.30.2-1+deb11u2_source.buildinfo
Files:
28d001269b7b8b85e55e017dd1d631fe 2525 vcs optional git_2.30.2-1+deb11u2.dsc
311b49f3834c1333bc55c3bc2742200e 698392 vcs optional git_2.30.2-1+deb11u2.debian.tar.xz
aefc9965b634558de2484e07ff46ca65 7429 vcs optional git_2.30.2-1+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmP16E0ACgkQO1LKKgqv 2VRUtQgAsVpJFEMOxjmXhcHX4QYIF9xjUosic4popvuBvbk+3raflcSkGFCYzIeg dNmWltgUgwVcWdcA3HjpQ/2FZzGcJINbKJMJtQsVHRQ3Z7f5LQmdECKC8pCDW/Ro a96ht0qOZF2KpzQMCFFScZv8cc9OqEOMBpkE6ORfa4XZ8qJPc7GOcqDGCecDlh8O pWAOMi4wHtJxOVCv7qx1YMob2rlx9OTEQ1ldUAq9o9lnPeic22Phkb++3j1SbVeJ rJx9Bwh+wUzeeGNwFGje1JJU+itgms/vkSzJ+8BGQMEWqdMRGffiQva5T/RLt1Im EgbLsEwO4bXg71YgiEtiXM0vbhc+cw==
=6MQU
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)