Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

git-arch-2.26.2-lp152.2.6.1 RPM for i586

From OpenSuSE Leap 15.2 updates for i586

Name: git-arch Distribution: openSUSE Leap 15.2
Version: 2.26.2 Vendor: openSUSE
Release: lp152.2.6.1 Build date: Sat Mar 13 17:08:05 2021
Group: Development/Tools/Version Control Build host: build78
Size: 39275 Source RPM: git-2.26.2-lp152.2.6.1.src.rpm
Summary: Git tools for importing Arch repositories
Tools for importing GNU Arch repositories to the GIT version control






* Thu Mar 04 2021 Markéta Machová <>
  - On case-insensitive filesystems, with support for symbolic links,
    if Git is configured globally to apply delay-capable clean/smudge
    filters (such as Git LFS), Git could be fooled into running
    remote code during a clone. (bsc#1183026, CVE-2021-21300)
    * checkout-dont-follow-symlinks.patch
* Tue Apr 28 2020 Michal Suchanek <>
  - Protocol v2 in_vain fixes (bsc#1170741, bsc#1170939).
    Dropped: Revert-fetch-default-to-protocol-version-2.patch
    Added:   0001-fetch-pack-return-enum-from-process_acks.patch
* Mon Apr 27 2020 Michal Suchanek <>
  - Add back SuSEfirewall2 support needed for SLE12 (bsc#1170302).
* Tue Apr 21 2020 Michal Suchanek <>
  - With recent switch to protocol v2 people are reporting fetches transferring
    unreasonable amount of data. Upstream proposes switching the protocol back
    until the issue is properly diagnosed. The regression is problematic for
    people with lower network connection speed (bsc#1170741).
    Added: Revert-fetch-default-to-protocol-version-2.patch
* Mon Apr 20 2020 Andreas Stieger <>
  - git 2.26.2:
    * CVE-2020-11008: Specially crafted URLs may have tricked the
      credentials helper to providing credential information that
      is not appropriate for the protocol in use and host being
      contacted (boo#1169936)
* Mon Apr 20 2020 Marketa Calabkova <>
  - Submit to SLE15 / resubmit to Factory (bsc#1169786, jsc#SLE-12396, bsc#1149792)
* Fri Apr 17 2020 Michal Suchanek <>
  - Fix git-daemon not starting after conversion from sysvinit to systemd service
* Tue Apr 14 2020 Andreas Stieger <>
  - git 2.26.1:
    * CVE-2020-5260: Specially crafted URLs with newline characters
      could have been used to make the Git client to send credential
      information for a wrong host to the attacker's site boo#1168930
* Mon Mar 23 2020 Andreas Stieger <>
  - git 2.26.0 (bsc#1167890, jsc#SLE-11608):
    * "git rebase" now uses a different backend that is based on the
      'merge' machinery by default. The 'rebase.backend' configuration
      variable reverts to old behaviour when set to  'apply'
    * Improved handling of sparse checkouts
    * Improvements to many commands and internal features
* Thu Mar 19 2020 Andreas Stieger <>
  - git 2.25.2:
    * bug fixes to various subcommands in specific operations
* Mon Feb 17 2020 Andreas Stieger <>
  - git 2.25.1:
    * "git commit" now honors advise.statusHints
    * various updates, bug fixes and documentation updates
* Tue Jan 14 2020 Marketa Calabkova <>
  - git 2.25.0
    * The branch description ("git branch --edit-description") has been
      used to fill the body of the cover letters by the format-patch
      command; this has been enhanced so that the subject can also be
    * A few commands learned to take the pathspec from the standard input
      or a named file, instead of taking it as the command line
      arguments, with the "--pathspec-from-file" option.
    * Test updates to prepare for SHA-2 transition continues.
    * Redo "git name-rev" to avoid recursive calls.
    * When all files from some subdirectory were renamed to the root
      directory, the directory rename heuristics would fail to detect that
      as a rename/merge of the subdirectory to the root directory, which has
      been corrected.
    * HTTP transport had possible allocator/deallocator mismatch, which
      has been corrected.
    - dropped patch git-skip-test-s390x-aarch64-fail.patch (bsc#1156651)
    * upstream maintainers have skipped the test themselves
* Wed Dec 11 2019 Andreas Stieger <>
  - git 2.24.1:
    * CVE-2019-1348: The --export-marks option of fast-import is
      exposed also via the in-stream command feature export-marks=...
      and it allows overwriting arbitrary paths (boo#1158785)
    * CVE-2019-1349: on Windows, when submodules are cloned
      recursively, under certain circumstances Git could be fooled
      into using the same Git directory twice (boo#1158787)
    * CVE-2019-1350: Incorrect quoting of command-line arguments
      allowed remote code execution during a recursive clone in
      conjunction with SSH URLs (boo#1158788)
    * CVE-2019-1351: on Windows mistakes drive letters outside of
      the US-English alphabet as relative paths (boo#1158789)
    * CVE-2019-1352: on Windows was unaware of NTFS Alternate Data
      Streams (boo#1158790)
    * CVE-2019-1353: when run in the Windows Subsystem for Linux
      while accessing a working directory on a regular Windows
      drive, none of the NTFS protections were active (boo#1158791)
    * CVE-2019-1354: on Windows refuses to write tracked files with
      filenames that contain backslashes (boo#1158792)
    * CVE-2019-1387: Recursive clones vulnerability that is caused
      by too-lax validation of submodule names, allowing very
      targeted attacks via remote code execution in recursive
      clones (boo#1158793)
    * CVE-2019-19604: a recursive clone followed by a submodule
      update could execute code contained within the repository
      without the user explicitly having asked for that (boo#1158795)
* Fri Nov 29 2019 Stefan Brüns <>
  - Guard xmlto/sgml-skel BuildRequires by docs bcond.
  - Fix building with asciidoctor and without DocBook4 stylesheets:
    * Add 0002-Also-use-DocBook-5-stylesheet-when-generating-HTML-o.patch
    * Refresh 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch
  - Spec file cleanup, remove conditionals for obsolete/EOLed distros.
  - Drop curl (executable) BuildRequires, only required by some skipped
    tests (skipped as these have an apache2 prerequisite).
* Fri Nov 29 2019 Marketa Calabkova <>
  - added patch git-skip-test-s390x-aarch64-fail.patch
    * workaround for bsc#1156651
* Mon Nov 04 2019 Andreas Schwab <>
  - 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch: Don't remove
    "-x manpage.xsl" option
  - BuildRequire docbook5-xsl-stylesheets
* Mon Nov 04 2019 Marketa Calabkova <>
  - git 2.24.0
    * The command line parser learned "--end-of-options" notation.
    * A mechanism to affect the default setting for a (related) group of
      configuration variables is introduced.
    * "git fetch" learned "--set-upstream" option to help those who first
      clone from their private fork they intend to push to, add the true
      upstream via "git remote add" and then "git fetch" from it.
    * fixes and improvements to UI, workflow and features, bash completion fixes
  - modified patch 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch
    * part of it merged upstream
    * the Makefile attempted to download some documentation, banned
* Mon Oct 07 2019 Marketa Calabkova <>
  - Complete (but maybe a bit too generous) fix of bsc#1112230
* Thu Oct 03 2019 Marketa Calabkova <>
  - These patches have been merged upstream a long time ago, no longer needed:
    * 0001-submodule-helper-use-to-signal-end-of-clone-options.patch
    * 0002-submodule-config-ban-submodule-urls-that-start-with-.patch
    * 0003-submodule-config-ban-submodule-paths-that-start-with.patch
    * git-mark-path-lookup-errors.patch
* Sun Aug 18 2019 Andreas Stieger <>
  - git 2.23.0:
    * The "--base" option of "format-patch" computed the patch-ids for
      prerequisite patches in an unstable way, which has been updated
      to compute in a way that is compatible with "git patch-id
    - -stable".
    * The "git log" command by default behaves as if the --mailmap
      option was given.
    * fixes and improvements to UI, workflow and features
* Wed Aug 14 2019 Marketa Calabkova <>
  - git 2.22.1
    * A relative pathname given to "git init --template=<path> <repo>"
    ought to be relative to the directory "git init" gets invoked in,
    but it instead was made relative to the repository, which has been
    * "git worktree add" used to fail when another worktree connected to
    the same repository was corrupt, which has been corrected.
    * "git am -i --resolved" segfaulted after trying to see a commit as
    if it were a tree, which has been corrected.
    * "git merge --squash" is designed to update the working tree and the
    index without creating the commit, and this cannot be countermanded
    by adding the "--commit" option; the command now refuses to work
    when both options are given.
    * Update to Unicode 12.1 width table.
    * "git request-pull" learned to warn when the ref we ask them to pull
    from in the local repository and in the published repository are
    * "git fetch" into a lazy clone forgot to fetch base objects that are
    necessary to complete delta in a thin packfile, which has been
    * The URL decoding code has been updated to avoid going past the end
    of the string while parsing %-<hex>-<hex> sequence.
    * "git clean" silently skipped a path when it cannot lstat() it; now
    it gives a warning.
    * "git rm" to resolve a conflicted path leaked an internal message
    "needs merge" before actually removing the path, which was
    confusing. This has been corrected.
    * Many more bugfixes and code cleanups.
* Wed Jul 24 2019
  - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
    firewalld, see [1].
* Mon Jul 15 2019 Marketa Calabkova <>
  - partial fix for bsc#1112230 (git instaweb gives 500 error)
* Mon Jun 10 2019 Marketa Calabkova <>
  - git 2.22.0
    * The filter specification "--filter=sparse:path=<path>" used to
    create a lazy/partial clone has been removed. Using a blob that is
    part of the project as sparse specification is still supported with
    the "--filter=sparse:oid=<blob>" option
    * "git checkout --no-overlay" can be used to trigger a new mode of
    checking out paths out of the tree-ish, that allows paths that
    match the pathspec that are in the current index and working tree
    and are not in the tree-ish.
    * Four new configuration variables {author,committer}.{name,email}
    have been introduced to override user.{name,email} in more specific
    * "git branch" learned a new subcommand "--show-current".
    * The command line completion (in contrib/) has been taught to
    complete more subcommand parameters.
    * The completion helper code now pays attention to repository-local
    configuration (when available), which allows --list-cmds to honour
    a repository specific setting of completion.commands, for example.
    * The list of conflicted paths shown in the editor while concluding a
    conflicted merge was shown above the scissors line when the
    clean-up mode is set to "scissors", even though it was commented
    out just like the list of updated paths and other information to
    help the user explain the merge better.
    * "git rebase" that was reimplemented in C did not set ORIG_HEAD
    correctly, which has been corrected.
    * "git worktree add" used to do a "find an available name with stat
    and then mkdir", which is race-prone. This has been fixed by using
    mkdir and reacting to EEXIST in a loop.
  - Removed upstreamed patch worktree-fix-worktree-add-race.patch
    * previous item
* Wed May 08 2019 Dominique Leuenberger <>
  - Add 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch: Move
    to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy
    DocBook 4.5 format.
* Sun Apr 14 2019 Christian Boltz <>
  - update git-web AppArmor profile for bash and tar usrMerge (boo#1132350)
* Mon Feb 25 2019 Marketa Calabkova <>
  - git 2.21.0
    * Historically, the "-m" (mainline) option can only be used for "git
      cherry-pick" and "git revert" when working with a merge commit.
      This version of Git no longer warns or errors out when working with
      a single-parent commit, as long as the argument to the "-m" option
      is 1 (i.e. it has only one parent, and the request is to pick or
      revert relative to that first parent). Scripts that relied on the
      behaviour may get broken with this change.
    * Small fixes and features for fast-export and fast-import.
    * The "http.version" configuration variable can be used with recent
      enough versions of cURL library to force the version of HTTP used
      to talk when fetching and pushing.
    * "git push $there $src:$dst" rejects when $dst is not a fully
      qualified refname and it is not clear what the end user meant.
    * Update "git multimail" from the upstream.
    * A new date format "--date=human" that morphs its output depending
      on how far the time is from the current time has been introduced.
      "--date=auto:human" can be used to use this new format (or any
      existing format) when the output is going to the pager or to the
      terminal, and otherwise the default format.
* Wed Feb 13 2019 Michal Suchanek <>
  - Fix worktree creation race (bsc#1114225).
* Tue Jan 22 2019 Marketa Calabkova <>
  - the proper way how to add shadow dependency, only the -daemon
    subpackage uses the shadow package
* Sun Jan 20 2019 Hans-Peter Jansen <>
  - add shadow build dependency: pre/postinstall script checks fail
    for 42.3 otherwise
* Fri Jan 11 2019 Dominique Leuenberger <>
  - Do not BuildRequire apache2:
    + it is only in the build chain for the directory ownership.
      Let's just own the directories ourselves.
    + This actually also fixes the issue that installing, then
      uninstalling git-web, without apache2 being present on the
      machine, leaves those directories stale on the disk.
* Sun Dec 16 2018
  - git 2.20.1:
    * portability fixes
    * "git help -a" did not work well when an overly long alias was
    * no longer squelched an error message when the run_command API
      failed to run a missing command
* Mon Dec 10 2018 Marketa Calabkova <>
  - git 2.20.0
    * "git help -a" now gives verbose output (same as "git help -av").
    Those who want the old output may say "git help --no-verbose -a"..
    * "git send-email" learned to grab address-looking string on any
    trailer whose name ends with "-by".
    * "git format-patch" learned new "--interdiff" and "--range-diff"
    options to explain the difference between this version and the
    previous attempt in the cover letter (or after the three-dashes as
    a comment).
    * Developer builds now use -Wunused-function compilation option.
    * Fix a bug in which the same path could be registered under multiple
    worktree entries if the path was missing (for instance, was removed
    manually).  Also, as a convenience, expand the number of cases in
    which --force is applicable.
    * The overly large Documentation/config.txt file have been split into
    million little pieces.  This potentially allows each individual piece
    to be included into the manual page of the command it affects more easily.
    * Malformed or crafted data in packstream can make our code attempt
    to read or write past the allocated buffer and abort, instead of
    reporting an error, which has been fixed.
    * Fix for a long-standing bug that leaves the index file corrupt when
    it shrinks during a partial commit.
    * "git merge" and "git pull" that merges into an unborn branch used
    to completely ignore "--verify-signatures", which has been
    * ...and much more features and fixes
* Wed Dec 05 2018 Hans-Peter Jansen <>
  - group(nogroup) is provided with Leap 15 onwards only
* Tue Dec 04 2018 Jan Engelhardt <>
  - Use Requires(pre).
  - Do not ignore error returns from useradd.
  - Package descriptions need not be wrapped in %if..%endif.
* Fri Nov 30 2018 Marketa Calabkova <>
  - Avoid boo#1082023 - git send-email fails to authenticate with
    SMTP server
* Mon Nov 26 2018 Marketa Calabkova <>
  - fix CVE-2018-19486 (bsc#1117257)
    * git-mark-path-lookup-errors.patch
* Wed Nov 21 2018
  - git 2.19.2:
    * various bug fixes for multiple subcommands and operations
* Mon Oct 08 2018
  - Fix VUL-0: arbitrary code execution via .gitmodules
    (CVE-2018-17456, bsc#1110949):
* Fri Oct 05 2018
  - git 2.19.1:
    * CVE-2018-17456: Specially crafted .gitmodules files may have
      allowed arbitrary code execution when the repository is cloned
      with --recurse-submodules (bsc#1110949)
* Tue Sep 11 2018 Petr Vorel <>
  - git 2.19.0:
    * "git diff" compares the index and the working tree.  For paths
    added with intent-to-add bit, the command shows the full contents
    of them as added, but the paths themselves were not marked as new
    files.  They are now shown as new by default.
    * "git apply" learned the "--intent-to-add" option so that an
    otherwise working-tree-only application of a patch will add new
    paths to the index marked with the "intent-to-add" bit.
    * "git grep" learned the "--column" option that gives not just the
    line number but the column number of the hit.
    * The "-l" option in "git branch -l" is an unfortunate short-hand for
    "--create-reflog", but many users, both old and new, somehow expect
    it to be something else, perhaps "--list".  This step warns when "-l"
    is used as a short-hand for "--create-reflog" and warns about the
    future repurposing of the it when it is used.
    * The userdiff pattern for .php has been updated.
    * The content-transfer-encoding of the message "git send-email" sends
    out by default was 8bit, which can cause trouble when there is an
    overlong line to bust RFC 5322/2822 limit.  A new option 'auto' to
    automatically switch to quoted-printable when there is such a line
    in the payload has been introduced and is made the default.
    * "git checkout" and "git worktree add" learned to honor
    checkout.defaultRemote when auto-vivifying a local branch out of a
    remote tracking branch in a repository with multiple remotes that
    have tracking branches that share the same names.
    (merge 8d7b558bae ab/checkout-default-remote later to maint).
    * "git grep" learned the "--only-matching" option.
    * "git rebase --rebase-merges" mode now handles octopus merges as
    * Add a server-side knob to skip commits in exponential/fibbonacci
    stride in an attempt to cover wider swath of history with a smaller
    number of iterations, potentially accepting a larger packfile
    transfer, instead of going back one commit a time during common
    ancestor discovery during the "git fetch" transaction.
    (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint).
    * A new configuration variable core.usereplacerefs has been added,
    primarily to help server installations that want to ignore the
    replace mechanism altogether.
    * Teach "git tag -s" etc. a few configuration variables (gpg.format
    that can be set to "openpgp" or "x509", and gpg.<format>.program
    that is used to specify what program to use to deal with the format)
    to allow x.509 certs with CMS via "gpgsm" to be used instead of
    openpgp via "gnupg".
    * Many more strings are prepared for l10n.
    * "git p4 submit" learns to ask its own pre-submit hook if it should
    continue with submitting.
    * The test performed at the receiving end of "git push" to prevent
    bad objects from entering repository can be customized via
    receive.fsck.* configuration variables; we now have gained a
    counterpart to do the same on the "git fetch" side, with
    fetch.fsck.* configuration variables.
    * "git pull --rebase=interactive" learned "i" as a short-hand for
    * "git instaweb" has been adjusted to run better with newer Apache on
    RedHat based distros.
    * "git range-diff" is a reimplementation of "git tbdiff" that lets us
    compare individual patches in two iterations of a topic.
    * The sideband code learned to optionally paint selected keywords at
    the beginning of incoming lines on the receiving end.
    * "git branch --list" learned to take the default sort order from the
    'branch.sort' configuration variable, just like "git tag --list"
    pays attention to 'tag.sort'.
    * "git worktree" command learned "--quiet" option to make it less
* Mon Aug 27 2018
  - State zlib-devel in deps, previously magically pulled in by
* Mon Jun 25 2018
  - git 2.18.0:
    * improvements to rename detection logic
    * When built with more recent cURL, GIT_SSL_VERSION can now
      specify "tlsv1.3" as its value.
    * "git mergetools" learned talking to guiffy.
    * various other workflow improvements and fixes
    * performance improvements and other developer visible fixes
  - drop git-bash-completion-egrep-color-fix.diff no longer required
* Wed May 30 2018
  - Update to git 2.16.4: security fix release
    * path sanity-checks on NTFS can read arbitrary memory
      (CVE-2018-11233, bsc#1095218)
    * arbitrary code execution when recursively cloning a malicious
      repository (CVE-2018-11235, bsc#1095219)
* Tue May 29 2018
  - git 2.17.1
    * Submodule "names" come from the untrusted .gitmodules file, but
    we blindly append them to $GIT_DIR/modules to create our on-disk
    repo paths. This means you can do bad things by putting "../"
    into the name. We now enforce some rules for submodule names
    which will cause Git to ignore these malicious names
    (CVE-2018-11235, bsc#1095219)
    * It was possible to trick the code that sanity-checks paths on
    NTFS into reading random piece of memory
    (CVE-2018-11233, bsc#1095218)
    * Support on the server side to reject pushes to repositories
    that attempt to create such problematic .gitmodules file etc.
    as tracked contents, to help hosting sites protect their
    customers by preventing malicious contents from spreading.
* Thu May 24 2018
  - Fix docless build to not fail on find/chmod not having any files
  - Require just python3-base not full python for build
* Sat May 19 2018
  - git 2.17.0:
    * "diff" family of commands learned "--find-object=<object-id>" option
      to limit the findings to changes that involve the named object.
    * "git format-patch" learned to give 72-cols to diffstat, which is
      consistent with other line length limits the subcommand uses for
      its output meant for e-mails.
    * The log from "git daemon" can be redirected with a new option; one
      relevant use case is to send the log to standard error (instead of
      syslog) when running it from inetd.
    * "git rebase" learned to take "--allow-empty-message" option.
    * "git am" has learned the "--quit" option, in addition to the
      existing "--abort" option; having the pair mirrors a few other
      commands like "rebase" and "cherry-pick".
    * "git worktree add" learned to run the post-checkout hook, just like
      "git clone" runs it upon the initial checkout.
    * "git tag" learned an explicit "--edit" option that allows the
      message given via "-m" and "-F" to be further edited.
    * "git fetch --prune-tags" may be used as a handy short-hand for
      getting rid of stale tags that are locally held.
    * The new "--show-current-patch" option gives an end-user facing way
      to get the diff being applied when "git rebase" (and "git am")
      stops with a conflict.
    * "git add -p" used to offer "/" (look for a matching hunk) as a
      choice, even there was only one hunk, which has been corrected.
      Also the single-key help is now given only for keys that are
      enabled (e.g. help for '/' won't be shown when there is only one
    * Since Git 1.7.9, "git merge" defaulted to --no-ff (i.e. even when
      the side branch being merged is a descendant of the current commit,
      create a merge commit instead of fast-forwarding) when merging a
      tag object.  This was appropriate default for integrators who pull
      signed tags from their downstream contributors, but caused an
      unnecessary merges when used by downstream contributors who
      habitually "catch up" their topic branches with tagged releases
      from the upstream.  Update "git merge" to default to --no-ff only
      when merging a tag object that does *not* sit at its usual place in
      refs/tags/ hierarchy, and allow fast-forwarding otherwise, to
      mitigate the problem.
    * "git status" can spend a lot of cycles to compute the relation
      between the current branch and its upstream, which can now be
      disabled with "--no-ahead-behind" option.
    * "git diff" and friends learned funcname patterns for Go language
      source files.
    * "git send-email" learned "--reply-to=<address>" option.
    * Funcname pattern used for C# now recognizes "async" keyword.
    * In a way similar to how "git tag" learned to honor the pager
      setting only in the list mode, "git config" learned to ignore the
      pager setting when it is used for setting values (i.e. when the
      purpose of the operation is not to "show").
* Tue Mar 27 2018
  - Use %license instead of %doc [bsc#1082318]
* Fri Mar 23 2018
  - git 2.16.3:
    * "git status" after moving a path in the working tree (hence
      making it appear "removed") and then adding with the -N option
      (hence making that appear "added") detected it as a rename, but
      did not report the  old and new pathnames correctly.
    * "git commit --fixup" did not allow "-m<message>" option to be
      used at the same time; allow it to annotate resulting commit
      with more text.
    * When resetting the working tree files recursively, the working
      tree of submodules are now also reset to match.
    * Fix for a commented-out code to adjust it to a rather old API
      change around object ID.
    * When there are too many changed paths, "git diff" showed a
      warning message but in the middle of a line.
    * The http tracing code, often used to debug connection issues,
      learned to redact potentially sensitive information from its
      output so that it can be more safely sharable.
    * Crash fix for a corner case where an error codepath tried to
      unlock what it did not acquire lock on.
    * The split-index mode had a few corner case bugs fixed.
    * Assorted fixes to "git daemon".
    * Completion of "git merge -s<strategy>" (in contrib/) did not
      work well in non-C locale.
    * Workaround for segfault with more recent versions of SVN.
    * Recently introduced leaks in fsck have been plugged.
    * Travis CI integration now builds the executable in 'script'
      phase to follow the established practice, rather than during
      'before_script' phase.  This allows the CI categorize the
      failures better ('failed' is project's fault, 'errored' is
      build environment's).
* Thu Mar 08 2018
  - Drop superfluous xinetd snippet, no longer used (bsc#1084460)
* Tue Mar 06 2018
  - Build with asciidoctor for the recent distros (bsc#1075764)
* Mon Feb 26 2018
  - Move %{?systemd_requires} to daemon subpackage
* Wed Feb 21 2018
  - Create subpackage for libsecret credential helper.
* Sun Feb 18 2018
  - git 2.16.2:
    * An old regression in "git describe --all $annotated_tag^0" has
    been fixed.
    * "git svn dcommit" did not take into account the fact that a
    svn+ssh:// URL with a username@ (typically used for pushing)
    refers to the same SVN repository without the username@ and
    failed when svn.pushmergeinfo option is set.
    * "git merge -Xours/-Xtheirs" learned to use our/their version
    when resolving a conflicting updates to a symbolic link.
    * "git clone $there $here" is allowed even when here directory
    exists as long as it is an empty directory, but the command
    incorrectly removed it upon a failure of the operation.
    * "git stash -- <pathspec>" incorrectly blew away untracked files
    in the directory that matched the pathspec, which has been
    * "git add -p" was taught to ignore local changes to submodules
    as they do not interfere with the partial addition of regular
    changes anyway.
* Tue Jan 23 2018
  - git 2.16.1:
    * "git clone" segfaulted when cloning a project that happens to
      track two paths that differ only in case on a case insensitive
* Fri Jan 19 2018
  - git 2.16.0 (CVE-2017-15298, bsc#1063412):
    * See
  - partial cleanup with spec-cleaner
  - drop git-gui-tclIndex.patch
    * merged upstream in da10ea373b80cc8bf8efca5acb1d11ecf410fb0c
* Fri Dec 01 2017
  - git 2.15.1:
    * fix "auto" column output
    * fixes to moved lines diffing
    * documentation updates
    * fix use of repositories immediately under the root directory
    * improve usage of libsecret
    * fixes to various error conditions in git commands
* Tue Nov 28 2017
  - Rewrite from sysv init to systemd unit file for git-daemon
* Thu Nov 23 2017
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Thu Nov 09 2017
  - split off p4 to a subpackage (bsc#1067502)
  - do not buildrequire asciidoc (dependent on Python 2) when
    not building docs
  - switch to Python 3 for tests
* Mon Nov 06 2017
  - Build with the external libsha1detectcoll (bsc#1042644)
* Wed Nov 01 2017
  - git 2.15.0:
    * Use of an empty string as a pathspec element that is used for
    'everything matches' is still warned and Git asks users to use a
      more explicit '.' for that instead. Removal scheduled for 2.16
    * Git now avoids blindly falling back to ".git" when the setup
      sequence said we are _not_ in Git repository (another corner
      case removed)
    * "branch --set-upstream" was retired, deprecated since 1.8
    * many other improvements and updates
* Mon Oct 23 2017
  - git 2.14.3:
    * git send-email understands more cc: formats
    * fixes so gitk --bisect
    * git commit-tree fixed to handle -F file alike
    * Prevent segfault in "git cat-file --textconv"
    * Fix function header parsing for HTML
    * Various small fixes to user commands and and internal functions
* Tue Sep 26 2017
  - git 2.14.2:
    * fixes to color output
    * http.{sslkey,sslCert} now interpret "~[username]/" prefix
    * fixes to walking of reflogs via "log -g" and friends
    * various fixes to output correctness
    * "git push --recurse-submodules $there HEAD:$target" is now
      propagated down to the submodules
    * "git clone --recurse-submodules --quiet" c$how propagates quiet
      option down to submodules.
    * "git svn --localtime" correctness fixes
    * "git grep -L" and "git grep --quiet -L" now report same exit code
    * fixes to "git apply" when converting line endings
    * Various Perl scripts did not use safe_pipe_capture() instead
      of backticks, leaving them susceptible to end-user input.
      CVE-2017-14867 bsc#1061041
    * "git cvsserver" no longer is invoked by "git daemon" by
* Thu Aug 10 2017
  - git 2.14.1 (bsc#1052481):
    * Security fix for CVE-2017-1000117: A malicious third-party can
      give a crafted "ssh://..." URL to an unsuspecting victim, and
      an attempt to visit the URL can result in any program that
      exists on the victim's machine being executed. Such a URL could
      be placed in the .gitmodules file of a malicious project, and
      an unsuspecting victim could be tricked into running
      "git clone --recurse-submodules" to trigger the vulnerability.
    * A "ssh://..." URL can result in a "ssh" command line with a
      hostname that begins with a dash "-", which would cause the
      "ssh" command to instead (mis)treat it as an option. This is
      now prevented by forbidding such a hostname (which should not
      impact any real-world usage).
    * Similarly, when GIT_PROXY_COMMAND is configured, the command
      is run with host and port that are parsed out from "ssh://..."
      URL; a poorly written GIT_PROXY_COMMAND could be tricked into
      treating a string that begins with a dash "-" as an option.
      This is now prevented by forbidding such a hostname and port
      number (again, which should not impact any real-world usage).
    * In the same spirit, a repository name that begins with a dash
      "-" is also forbidden now.
* Sat Aug 05 2017
  - git 2.14.0:
    * Use of an empty string as a pathspec element that is used for
      'everything matches' is deprecated, use '.'
    * Avoid blindly falling back to ".git" when the setup sequence
      indicates operation not on a Git repository
    * "indent heuristics" are now the default.
    * Builds with pcre2
    * Many bug fixes, improvements and updates
* Wed Aug 02 2017
  - git 2.13.4:
    * Update the character width tables.
    * Fix an alias that contained an uppercase letter
    * Progress meter fixes
    * git gc concurrency fixes
* Thu Jul 13 2017
  - git 2.13.3:
    * various internal bug fixes
    * Fix a  regression to "git rebase -i"
    * Correct unaligned 32-bit access in pack-bitmap code
    * Tighten error checks for invalid "git apply" input
    * The split index code did not honor core.sharedrepository setting
    * Fix "git branch --list" handling of color.branch.local
* Sun Jun 25 2017
  - git 2.13.2:
    * "collision detecting" SHA-1 update for platform fixes
    * "git checkout --recurse-submodules" did not quite work with a
      submodule that itself has submodules.
    * The "run-command" API implementation has been made more robust
      against dead-locking in a threaded environment.
    * "git clean -d" now only cleans ignored files with "-x"
    * "git status --ignored"  did not list ignored and untracked files
      without "-uall"
    * "git pull --rebase --autostash" didn't auto-stash when the local
      history fast-forwards to the upstream.
    * "git describe --contains" gives as much weight to lightweight
      tags as annotated tags
    * Fix "git stash push <pathspec>" from a subdirectory
* Mon Jun 05 2017
  - git 2.13.1:
    * Setting "log.decorate=false" in the configuration file did not
      take effect in v2.13, which has been corrected.
    * corrections to documentation and command help output
    * garbage collection fixes
    * memory leaks fixed
    * receive-pack now makes sure that the push certificate records
      the same set of push options used for pushing
    * shell completion corrections for git stash
    * fix "git clone --config var=val" with empty strings
    * internal efficiency improvements
    * Update sha1 collision detection code for big-endian platforms
      and platforms not supporting unaligned fetches
* Sat May 27 2017
  - Fix packaging of documentation
* Wed May 10 2017
  - git 2.13.0:
    * empty string as a pathspec element for 'everything matches'
      is still warned, for future removal.
    * deprecated argument order "git merge <msg> HEAD <commit>..."
      was removed
    * default location "~/.git-credential-cache/socket" for the
      socket used to communicate with the credential-cache daemon
      moved to "~/.cache/git/credential/socket".
    * now avoid blindly falling back to ".git" when the setup
      sequence indicated otherwise
    * many workflow features, improvements and bug fixes
    * add a hardened implementation of SHA1 in response to practical
      collision attacks (CVE-2005-4900, bsc#1042640)
* Wed May 10 2017
  - git 2.12.3:
    * CVE-2017-8386: On a server running git-shell as login shell to
      restrict user to git commands, remote users may have been able
      to have git service programs spawn an interactive pager
      and thus escape the shell restrictions. (bsc#1038395)
* Sat Mar 25 2017
  - git 2.12.2:
    * CLI output fixes
    * "Dump http" transport fixes
    * various fixes for internal code paths
    * Trailer "Cc:" RFC fix
* Tue Mar 21 2017
  - git 2.12.1:
    * Reduce authentication round-trip over HTTP when the server
      supports just a single authentication method.
    * "git add -i" patch subcommand fixed to have a path selection
    * various path verification fixes
    * fix "git log -L..." buffer overrun
* Tue Mar 07 2017
  - Submit version 2.12.0 to SLE-12 (fate#322294, bsc#977477)
* Fri Feb 24 2017
  - git 2.12.0:
    * Use of an empty string that is used for 'everything matches' is
      still warned and Git asks users to use a more explicit '.' for that
      instead.  The hope is that existing users will not mind this
      change, and eventually the warning can be turned into a hard error,
      upgrading the deprecation into removal of this (mis)feature.  That
      is not scheduled to happen in the upcoming release (yet).
    * The historical argument order "git merge <msg> HEAD <commit>..."
      has been deprecated for quite some time, and will be removed in a
      future release.
    * An ancient script "git relink" has been removed.
* Thu Feb 09 2017
  - Explicitly package %{_docdir}/%{name} to fix build with RPM 4.13.
* Fri Feb 03 2017
  - git 2.11.1:
    * The default Travis-CI configuration specifies newer P4 and GitLFS.
    * The character width table has been updated to match Unicode 9.0
    * various fixes affecting multiple subcommands for correctness,
      bugs, and unexpected behavior.
    * documentation updates
    * git-svn updates
* Wed Feb 01 2017
  - Refresh all patches to update line numbers
  - Add old bug reference to allow submission to SLE-12
* Fri Dec 09 2016
  - git-gui: Sort entries in optimized tclIndex
* Wed Nov 30 2016
  - git 2.11.0:
    * backward compatibility:
      + empty string (matching everything) used as pathspec now
      triggers a warning
      + historical argument order "git merge <msg> HEAD <commit>..."
      is deprecated
      +  default abbreviation length of 7 now scales by repo size
    * updates
      + new version of git-gui
      + many new command line and configuration options
      + many workflow and output improvements
    * dropped upstreamed patches:
      + git-setup-i18n-fix.patch
      + git-tclIndex.patch
* Sat Oct 29 2016
  - git 2.10.2:
    * minor bug fixes
    * internal code improvements
    * documentation updates
* Tue Oct 04 2016
  - git 2.10.1:
    * documentation and command output updates
    * Prevents loops on submodules with broken metadata
    * Forbid removal of the symbolic reference HEAD
    * Update Japanese translation for "git-gui".
    * Fix "git commit-tree" reading commit.gpgsign configuration
    * Ignore merges when matching with "git log --cherry-pick"
    * Fix "git format-patch --base=..." usage of signature separator
    * "git add --chmod=+x <pathspec>" added recently only toggled the
    executable bit for paths that are either new or modified. This has
    been corrected to flip the executable bit for all paths that match
    the given pathspec.
* Wed Sep 07 2016
  - fix shell lib include path in git-sh-setup (boo#1011169)
    adding git-setup-i18n-fix.patch
* Sat Sep 03 2016
  - git 2.10.0, feature and bugfix update:
    * various workflow output improvements
    * various improvements and extensions of command line options
    * A handful of "git svn" updates.
    * internal performance improvements
* Wed Aug 31 2016
  - Reduce build-compare noise
* Sat Aug 13 2016
  - git 2.9.3:
    * many compatible fixes and improvements to various git commands
      and functions
* Sat Jul 16 2016
  - git 2.9.2:
    * fix test suite failues with 64 bit timestamps
* Tue Jul 12 2016
  - git 2.9.1:
    * socket-level KEEPALIVE for git daemon
    * Various compatible workflow and UI fixes
    * Various optimisations and documentation updates
    * Fix regression in v2.9 affecting "clone --depth"
* Mon Jun 13 2016
  - git 2.9.0:
    * commands in the "git diff" and "git log" family by default
      enable the rename detection; use "diff.renames" configuration
      variable to disable this.
    * merging two branches that have no common ancestor with "git
      merge" is by default forbidden now to prevent creating such an
      unusual merge by mistake.
    * output formats of "git log" that indents the commit log message
      by 4 spaces now expands HT in the log message by default.
      The "--no-expand-tabs" option disables this.
    * "git commit-tree" plumbing command required the user to always
      sign its result when the user sets the commit.gpgsign
      configuration variable, this is no longer the case. Scrips
      using commit-tree which may rely on this mistake no needs to
      read commit.gpgsign and pass the -S option as necessary.
    * Many more bug fixes and minor updates.
* Tue Jun 07 2016
  - git 2.8.4:
    * Documentation updates
    * "git fsck" learned to catch NUL byte in a commit object as
      potential error and warn.
    * "git describe --contains" improvements
    * Treat "http.cookieFile" config as a path
    * Suggest "submodule deinit --all" for deinitializing all submodules
    * A couple of bugs around core.autocrlf have been fixed.
    * "git difftool" learned to handle unmerged paths correctly in
      dir-diff mode.
* Thu May 19 2016
  - git 2.8.3:
    * "git send-email" now uses a more readable timestamps when
    formulating a message ID.
    * When "git worktree" feature is in use, "git branch -d" allowed
    deletion of a branch that is checked out in another worktree
    * When "git worktree" feature is in use, "git branch -m" renamed a
    branch that is checked out in another worktree without adjusting
    the HEAD symbolic ref for the worktree.
    * "git format-patch --help" showed `-s` and `--no-patch` as if these
    are valid options to the command.  We already hide `--patch` option
    from the documentation, because format-patch is about showing the
    diff, and the documentation now hides these options as well.
    * A change back in version 2.7 to "git branch" broke display of a
    symbolic ref in a non-standard place in the refs/ hierarchy (we
    expect symbolic refs to appear in refs/remotes/*/HEAD to point at
    the primary branch the remote has, and as .git/HEAD to point at the
    branch we locally checked out).
    * A partial rewrite of "git submodule" in the 2.7 timeframe changed
    the way the gitdir: pointer in the submodules point at the real
    repository location to use absolute paths by accident.  This has
    been corrected.
    * "git commit" misbehaved in a few minor ways when an empty message
    is given via -m '', all of which has been corrected.
    * Support for CRAM-MD5 authentication method in "git imap-send" did
    not work well.
    * The socks5:// proxy support added back in 2.6.4 days was not aware
    that socks5h:// proxies behave differently.
    * "git config" had a codepath that tried to pass a NULL to
    printf("%s"), which nobody seems to have noticed.
    * "git replace -e" did not honour "core.editor" configuration.
    * "git submodule" reports the paths of submodules the command
    recurses into, but this was incorrect when the command was not run
    from the root level of the superproject.
    * The "user.useConfigOnly" configuration variable makes it an error
    if users do not explicitly set and  However,
    its check was not done early enough and allowed another error to
    trigger, reporting that the default value we guessed from the
    system setting was unusable.  This was a suboptimal end-user
    experience as we want the users to set without
    relying on the auto-detection at all.
    * "git mv old new" did not adjust the path for a submodule that lives
    as a subdirectory inside old/ directory correctly.
    * "git push" from a corrupt repository that attempts to push a large
    number of refs deadlocked; the thread to relay rejection notices
    for these ref updates blocked on writing them to the main thread,
    after the main thread at the receiving end notices that the push
    failed and decides not to read these notices and return a failure.
    * A question by "git send-email" to ask the identity of the sender
    has been updated.
    * Recent update to Git LFS broke "git p4" by changing the output from
    its "lfs pointer" subcommand.
    * Some multi-byte encoding can have a backslash byte as a later part
    of one letter, which would confuse "highlight" filter used in
* Sat Apr 30 2016
  - git 2.8.2:
    * "index-pack --keep=<msg>" was broken since v2.1.0 timeframe.
    * "git config --get-urlmatch", unlike other variants of the "git
    config --get" family, did not signal error with its exit status
    when there was no matching configuration.
    * The "--local-env-vars" and "--resolve-git-dir" options of "git
    rev-parse" failed to work outside a repository when the command's
    option parsing was rewritten in 1.8.5 era.
    * Fetching of history by naming a commit object name directly didn't
    work across remote-curl transport.
    * A small memory leak in an error codepath has been plugged in xdiff
    * "git mergetool" did not work well with conflicts that both sides
    * "git send-email" had trouble parsing alias file in mailrc format
    when lines in it had trailing whitespaces on them.
    * When "git merge --squash" stopped due to conflict, the concluding
    "git commit" failed to read in the SQUASH_MSG that shows the log
    messages from all the squashed commits.
    * "git merge FETCH_HEAD" dereferenced NULL pointer when merging
    nothing into an unborn history (which is arguably unusual usage,
    which perhaps was the reason why nobody noticed it).
    * "git diff -M" used to work better when two originally identical
    files A and B got renamed to X/A and X/B by pairing A to X/A and B
    to X/B, but this was broken in the 2.0 timeframe.
    * "git send-pack --all <there>" was broken when its command line
    option parsing was written in the 2.6 timeframe.
    * When running "git blame $path" with unnormalized data in the index
    for the path, the data in the working tree was blamed, even though
    "git add" would not have changed what is already in the index, due
    to "safe crlf" that disables the line-end conversion.  It has been
* Mon Apr 18 2016
  - add desktop entry for the git gui
* Sun Apr 03 2016
  - git 2.8.1:
    * make rpmbuild target was broken, unused in openSUSE package
* Fri Apr 01 2016
  - git 2.8.0
    * Backward compatibility:
      + The rsync:// transport has been removed.
    * various subcommands improvements
    * various output improvements
    * improved handling of notes
    * improved handling of end of line styles
    * http.proxyAuthMethod configures proxy authentication method
    * new "<branch>^{/!-<pattern>}" notation
    * "user.useConfigOnly" configuration variable forces individual
      project configuration
    * "git fetch" and friends that make network connections can now be
      told to only use ipv4 (or ipv6).
    * http.[<url>.]pinnedpubkey to specify the pinned public key
    * bug fixes and performance improvements
* Thu Mar 17 2016
  - git 2.7.4:
    Fix remote code execution via buffer overflow (CVE-2016-2315,
    CVE-2016-2324, bsc#971328)
    * plug heap corruption holes
    * catch integer overflow in the computation of pathname lengths
    * get rid of the name_path API. Both of
    These would have resulted in writing over an under-allocated
    buffer when formulating pathnames while tree traversal.
* Fri Mar 11 2016
  - git 2.7.3:
    * "git show 'HEAD:Foo[BAR]Baz'" did not interpret the argument as a
    rev, i.e. the object named by the the pathname with wildcard
    characters in a tree object.
    * "git rev-parse --git-common-dir" used in the worktree feature
    misbehaved when run from a subdirectory.
    * The "v(iew)" subcommand of the interactive "git am -i" command was
    broken in 2.6.0 timeframe when the command was rewritten in C.
    * "git merge-tree" used to mishandle "both sides added" conflict with
    its own "create a fake ancestor file that has the common parts of
    what both sides have added and do a 3-way merge" logic; this has
    been updated to use the usual "3-way merge with an empty blob as
    the fake common ancestor file" approach used in the rest of the
    * The documentation did not clearly state that the 'simple' mode is
    now the default for "git push" when push.default configuration is
    not set.
    * Test adjustments for GNU grep, obsoleting
    * "git config section.var value" to set a value in per-repository
    configuration file failed when it was run outside any repository,
    but didn't say the reason correctly.
* Tue Feb 23 2016
  - git 2.7.2:
    * improvements placing conflict markers with different line
    * "git worktree" fixes for manually moved paths
    * "git push --force-with-lease" has been taught to report if the
      push needed to force (or fast-forwarded).
    * vimdiff backend improvements for "git mergetool": buffer order
    * improvements for handling paths added to index with "add -N"
      which are not in the index yet
* Mon Feb 15 2016
  - fix test failures with grep 2.23
    add git-2.7.1-fix-tests-grep-2.23.patch
* Sat Feb 06 2016
  - git 2.7.1:
    * fix hooks and aliases fixes with GIT_WORK_TREE
    * fix "git send-email" reading escaped quotes in mutt alias files
    * fix some crashes and regressions
* Tue Jan 26 2016
  - use %perl_requires to allow for easier git+perl updates (boo#961112)
* Mon Jan 11 2016
  - package git-new-workdir [boo#961292]
* Tue Jan 05 2016
  - git 2.7.0:
    * UI, Workflows & Features updates
    * new subcommands, parameters and configuration options
    * performance improvements and code clean-ups
    * remove upstreamed patches:
* Tue Jan 05 2016
  - git 2.6.5:
    * Update "git subtree" (in contrib/) so that it can take
      whitespaces in the pathnames, not only in the in-tree pathname
      but the name of the directory that the repository is in.
    * "git p4" used to import Perforce CLs that touch only paths
      outside the client spec as empty commits. It has been
      corrected to ignorethem instead, with a new configuration
      git-p4.keepEmptyCommits as a backward compatibility knob.
    * Improve error reporting when SMTP TLS fails.
    * "git symbolic-ref" forgot to report a failure with its exit
    * History traversal with "git log --source" that starts with an
      annotated tag failed to report the tag as "source", due to an
      old regression in the command line parser back in v2.2 days.
* Wed Dec 09 2015
  - git 2.6.4:
    * Add support for talking http/https over socks proxy.
    * Allow all hooks to ignore their standard input,
      rather than having git complain of SIGPIPE.
    * Allow tilde-expansion in some http config variables.
    * Make git-p4 work on a detached head.
    * Add "git rebase --no-autostash"
    * Allow "git interpret-trailers" to run outside of a Git
* Sat Nov 07 2015
  - git 2.6.3:
    * UI output fixes
    * Bug fixes on case insensitive filesystems
    * git p4 fixes
    * Prepare for Git on-disk repository representation to undergo
      backward incompatible changes by introducing a new repository
      format version "1", with an extension mechanism.
  - include gpg2 for tests
* Thu Oct 22 2015
  - Fix crash of gitk with --all option in non-English locales
* Mon Oct 19 2015
  - git 2.6.2:
    * git fsck return status fixes
    * Fix for case insensitive filesystems
    * Fix "git am" ignoring user.signingkey
    * For ssh transport, explicitly clear GIT_* environment variables
    * Other compatible minor bug fixes and improvements
  - drop pager-don-t-use-unsafe-functions-in-signal-handle.patch
* Tue Oct 06 2015
  - git 2.6.1, with a security fix:
    * Make xdiff code handle extremely large files, cap around 1GB.
    * Some protocols (like git-remote-ext) can execute arbitrary code
    found in the URL.  The URLs that submodules use may come from
    arbitrary sources (e.g., .gitmodules files in a remote
    repository), and can hurt those who blindly enable recursive
    fetch.  Restrict the allowed protocols to well known and safe
    ones. [boo#948969]
* Tue Sep 29 2015
  - git 2.6.0:
    * many UI and workflow updates, added parameters and options
    * some performance optimisations and resource use reduction
  - refresh pager-don-t-use-unsafe-functions-in-signal-handle.patch
* Fri Sep 25 2015
  - Fix deadlock in signal handler in pager (boo#942297):
* Sun Sep 20 2015
  - git 2.5.3:
    * The experimental untracked-cache feature were buggy when paths
    with a few levels of subdirectories are involved.
    * Fix performance regression in "git am --skip"
* Sat Sep 19 2015
  - Suggest instead of recommend git-web: git-web is the web-server
    browsing part. Users that install git-core and appache will still
    get it auto-recommended based on the supplements.
* Fri Sep 11 2015
  - git 2.5.2:
    * usability bug fixes
    * performance bug fixes
    * fix "git archive" usage of zip64 for >64k entries
* Sun Aug 30 2015
  - git 2.5.1:
    * Performance optimisation for some casee
    * Minor bug fixes
    * Fix a regression for clone repository name guessing
    * Fix a regressoin in "git pull" related to --upload-pack
* Tue Aug 25 2015
  - In SLE 11 perl-Term-ReadKey is called perl-TermReadKey
* Tue Jul 28 2015
  - git 2.5.0:
    * Improvements working with perforce (git p4)
    * A new short-hand <branch>@{push}
    * Introduce http.<url>.SSLCipherList configuration variable to
      tweak the list of cipher suite to be used with libcURL when
      talking with https:// sites.
    * "git cat-file --batch(-check)" new option "--follow-symlinks"
    * "git send-email" learned the alias file format used by the
      sendmail program
    * For 3-way merge drivers, add %P (final path)
    * "git blame" learned blame.showEmail configuration variable.
    * Add the "--allow-unknown-type" option to "cat-file"
    * Many long-running operations now show progress eye-candy
* Tue Jul 28 2015
  - git 2.4.7:
    * Fix "git fsck" regression related to body-less tag object
    * Ask libCURL to use the most secure proxy authentication method
    * Fix shell handling issues in git log
    * Fix git config on read-only fs
    * Make "git rebase" exit with failure when format-patch fails
* Wed Jul 22 2015
  - put git-credential-cache--daemon into git-core -- it is needed
    for git-credential-cache (bnc#939065)
* Fri Jul 17 2015
  - git 2.4.6:
    * "git fetch --depth=<depth>" and "git clone --depth=<depth>"
    issued a shallow transfer request even to an upload-pack that
    does not support the capability.
    * "git fsck" used to ignore missing or invalid objects recorded in
    * The tcsh completion writes a bash scriptlet but that would have
    failed for users with noclobber set.
    * "git format-patch --ignore-if-upstream A..B" did not like to be
    fed tags as boundary commits.
  - git-tcsh-completion-fixes.diff adjusted for context changes
* Fri Jun 26 2015
  - git 2.4.5:
    * internal code and stability improvements
    * ""git rebase -i" fired post-rewrite hook when it shouldn't
      (namely, when it was told to stop sequencing with 'exec' insn).
* Wed Jun 17 2015
  - git 2.4.4:
    * l10n updates for German.
    * An earlier leakfix to bitmap testing code was incomplete.
    * "git clean pathspec..." tried to lstat(2) and complain even for
    paths outside the given pathspec.
    * Communication between the HTTP server and http_backend process can
    lead to a dead-lock when relaying a large ref negotiation request.
    Diagnose the situation better, and mitigate it by reading such a
    request first into core (to a reasonable limit).
    * The clean/smudge interface did not work well when filtering an
    empty contents (failed and then passed the empty input through).
    It can be argued that a filter that produces anything but empty for
    an empty input is nonsense, but if the user wants to do strange
    things, then why not?
    * Make "git stash something --help" error out, so that users can
    safely say "git stash drop --help".
    * Clarify that "log --raw" and "log --format=raw" are unrelated
    * Catch a programmer mistake to feed a pointer not an array to
    ARRAY_SIZE() macro, by using a couple of GCC extensions.
* Sun Jun 07 2015
  - git 2.4.3:
    * Ui message corrections and improvements
    * "git pull --log" and "git pull --no-log" worked as expected,
      but "git pull --log=20" did not.
    * Fix pull.ff configuration overriding merge.ff
    * fix memory leaks and resource exhaustion errors
    * documentation fixes
    * Fix core.excludesfile priorities
* Wed May 27 2015
  - git 2.4.2:
    * "git rev-list --objects $old --not --all" to see if everything that
    is reachable from $old is already connected to the existing refs
    was very inefficient.
    * "hash-object --literally" introduced in v2.2 was not prepared to
    take a really long object type name.
    * "git rebase --quiet" was not quite quiet when there is nothing to
    * The completion for "log --decorate=" parameter value was incorrect.
    * "filter-branch" corrupted commit log message that ends with an
    incomplete line on platforms with some "sed" implementations that
    munge such a line.  Work it around by avoiding to use "sed".
    * "git daemon" fails to build from the source under NO_IPV6
    configuration (regression in 2.4).
    * "git stash pop/apply" forgot to make sure that not just the working
    tree is clean but also the index is clean. The latter is important
    as a stash application can conflict and the index will be used for
    conflict resolution.
    * No longer prepend $GIT_EXEC_PATH and install path to path of
    executed subprograms and hooks.
* Thu May 14 2015
  - git 2.4.1:
    * git diff bugfixes and improvements
    * Fix spelling in .gitconfig created upon "git config --global"
    * "git commit --date=now" or anything that relies on approxidate
    lost the daylight-saving-time offset.
    * "git cat-file bl $blob" failed to barf even though there is no
    object type that is "bl".
    * Improvements for repositories on NFS
* Mon May 04 2015
  - Update to new upstream release 2.4.0
    * "git push" has been taught an "--atomic" option that makes a push
    that updates more than one ref an "all-or-none" affair.
    * Output from "git log --decorate" now distinguishes between a
    detached HEAD vs. a HEAD that points at a branch.
    * The phrasing `git branch` uses to describe a detached HEAD has
    been updated to agree with the phrasing used by `git status`.
    * A new "push.followTags" configuration turns the "--follow-tags"
    option on by default for the `git push` command.
  - Retrieve tarball signature
* Tue Apr 28 2015
  - git 2.3.7:
    * An earlier update to the parser that disects a URL broke an
    address, followed by a colon, followed by an empty string (instead
    of the port number), e.g. ssh://
    * The completion script (in contrib/) contaminated global namespace
    and clobbered on a shell variable $x.
    * The "git push --signed" protocol extension did not limit what the
    "nonce" that is a server-chosen string can contain or how long it
    can be, which was unnecessarily lax.  Limit both the length and the
    alphabet to a reasonably small space that can still have enough
* Sun Apr 26 2015
  - git 2.3.6:
    * "diff-highlight" (in contrib/) multibyte character support
* Thu Apr 02 2015
  - git 2.3.5:
    * The prompt script (in contrib/) did not show the untracked sign
    when working in a subdirectory without any untracked files.
    * Even though "git grep --quiet" is run merely to ask for the exit
    status, we spawned the pager regardless.  Stop doing that.
    * Recommend format-patch and send-email for those who want to
    submit patches to this project.
    * An failure early in the "git clone" that started creating the
    working tree and repository could have resulted in some
    directories and files left without getting cleaned up.
    * "git fetch" that fetches a commit using the allow-tip-sha1-in-want
    extension could have failed to fetch all the requested refs.
    * The split-index mode introduced at v2.3.0-rc0~41 was broken in
    the codepath to protect us against a broken reimplementation of
    Git  that writes an invalid index with duplicated index entries,
    * "git prune" used to largely ignore broken refs when deciding
    which objects are still being used, which could spread an
    existing small damage and make it a larger one.
    * "git tag -h" used to show the "--column" and "--sort" options
    that are about listing in a wrong section.
    * The transfer.hiderefs support did not quite work for smart-http
    * The code that reads from the ctags file in the completion script
    (in contrib/) did not spell ${param/pattern/string} substitution
    correctly, which happened to work with bash but not with zsh.
    * The explanation on "rebase --preserve-merges", "pull
    - -rebase=preserve", and "push --force-with-lease" in the
    documentation was unclear.
* Tue Mar 24 2015
  - git 2.3.4:
    * The 'color.status.unmerged' configuration was not described.
    * "git log --decorate" did not reset colors correctly around the
    branch names.
    * "git -C '' subcmd" refused to work in the current directory, unlike
    "cd ''" which silently behaves as a no-op.
    * "git imap-send" learned to optionally talk with an IMAP server via
    libcURL; because there is no other option when Git is built with
    NO_OPENSSL option, use that codepath by default under such
    * A workaround for certain build of GPG that triggered false breakage
    in a test has been added.
    * "git rebase -i" recently started to include the number of
    commits in the insn sheet to be processed, but on a platform
    that prepends leading whitespaces to "wc -l" output, the numbers
    are shown with extra whitespaces that aren't necessary.
    * We did not parse username followed by literal IPv6 address in SSH
    transport URLs, e.g. ssh://user@[2001:db8::1]:22/repo.git
* Sat Mar 14 2015
  - git 2.3.3:
    * A corrupt input to "git diff -M" used cause us to segfault.
    * The borrowed code in kwset API did not follow our usual convention
    to use "unsigned char" to store values that range from 0-255.
    * Description given by "grep -h" for its --exclude-standard option
    was phrased poorly.
    * Documentaton for "git remote add" mentioned "--tags" and
    "--no-tags" and it was not clear that fetch from the remote in
    the future will use the default behaviour when neither is given
    to override it.
    * "git diff --shortstat --dirstat=changes" showed a dirstat based on
    lines that was never asked by the end user in addition to the
    dirstat that the user asked for.
    * The interaction between "git submodule update" and the
    submodule.*.update configuration was not clearly documented.
    * "git apply" was not very careful about reading from, removing,
    updating and creating paths outside the working tree (under
    - -index/--cached) or the current directory (when used as a
    replacement for GNU patch).
    * "git daemon" looked up the hostname even when "%CH" and "%IP"
    interpolations are not requested, which was unnecessary.
    * The "interpolated-path" option of "git daemon" inserted any string
    client declared on the "host=" capability request without checking.
    Sanitize and limit %H and %CH to a saner and a valid DNS name.
* Thu Mar 12 2015
  - Fix missing /usr/share/tcsh/git.complete (bnc#919105):
    git-tcsh-completion-fixes.diff was refreshed for generating the
    script correctly
* Sat Mar 07 2015
  - git 2.3.2:
    * "update-index --refresh" used to leak when an entry cannot be
    refreshed for whatever reason.
    * "git fast-import" used to crash when it could not close and
    conclude the resulting packfile cleanly.
    * "git blame" died, trying to free an uninitialized piece of memory.
    * "git merge-file" did not work correctly in a subdirectory.
    * "git submodule add" failed to squash "path/to/././submodule" to
    * In v2.2.0, we broke "git prune" that runs in a repository that
    borrows from an alternate object store.
    * Certain older vintages of cURL give irregular output from
    "curl-config --vernum", which confused our build system.
    * Longstanding configuration variable naming rules has been added to
    the documentation.
    * Older GnuPG implementations may not correctly import the keyring
    material we prepare for the tests to use.
    * Clarify in the documentation that "remote.<nick>.pushURL" and
    "remote.<nick>.URL" are there to name the same repository accessed
    via different transports, not two separate repositories.
    * The pack bitmap support did not build with older versions of GCC.
    * Reading configuration from a blob object, when it ends with a lone
    CR, use to confuse the configuration parser.
    * We didn't format an integer that wouldn't fit in "int" but in
    "uintmax_t" correctly.
    * "git push --signed" gave an incorrectly worded error message when
    the other side did not support the capability.
    * "git fetch" over a remote-helper that cannot respond to "list"
    command could not fetch from a symbolic reference e.g. HEAD.
    * The insn sheet "git rebase -i" creates did not fully honor
    core.abbrev settings.
    * The tests that wanted to see that file becomes unreadable after
    running "chmod a-r file", and the tests that wanted to make sure it
    is not run as root, we used "can we write into the / directory?" as
    a cheap substitute, but on some platforms that is not a good
    heuristics.  The tests and their prerequisites have been updated to
    check what they really require.
    * The configuration variable 'mailinfo.scissors' was hard to
    discover in the documentation.
    * Correct a breakage to git-svn around v2.2 era that triggers
    premature closing of FileHandle.
    * Even though we officially haven't dropped Perl 5.8 support, the
    Getopt::Long package that came with it does not support "--no-"
    prefix to negate a boolean option; manually add support to help
    people with older Getopt::Long package.
* Wed Mar 04 2015
  - Don't install dummy hg and bzr remote helpers
* Thu Feb 26 2015
  - git 2.3.1:
    * The interactive "show a list and let the user choose from it"
    interface "add -i" used showed and prompted to the user even when
    the candidate list was empty, against which the only "choice" the
    user could have made was to choose nothing.
    * "git apply --whitespace=fix" used to under-allocate the memory
    when the fix resulted in a longer text than the original patch.
    * "git log --help" used to show rev-list options that are irrelevant
    to the "log" command.
    * The error message from "git commit", when a non-existing author
    name was given as value to the "--author=" parameter, has been
    reworded to avoid misunderstanding.
    * A broken pack .idx file in the receiving repository prevented the
    dumb http transport from fetching a good copy of it from the other
    * The documentation incorrectly said that C(opy) and R(ename) are the
    only ones that can be followed by the score number in the output in
    the --raw format.
    * Fix a misspelled conditional that is always true.
    * Code to read branch name from various files in .git/ directory
    would have misbehaved if the code to write them left an empty file.
    * The "git push" documentation made the "--repo=<there>" option
    easily misunderstood.
    * After attempting and failing a password-less authentication
    (e.g. kerberos), libcURL refuses to fall back to password based
    Basic authentication without a bit of help/encouragement.
    * Setting diff.submodule to 'log' made "git format-patch" produce
    broken patches.
    * "git rerere" (invoked internally from many mergy operations) did
    not correctly signal errors when told to update the working tree
    files and failed to do so for whatever reason.
    * "git blame HEAD -- missing" failed to correctly say "HEAD" when it
    tried to say "No such path 'missing' in HEAD".
* Fri Feb 06 2015
  - git 2.3.0:
    Many small corrections and improvements.
  - UI, Workflows and Features:
    * New GIT_SSH_COMMAND environment variable
    * Can now store empty notes
    * "git interpret-trailers" learned to properly handle the
      "Conflicts:" block at the end.
    * "git am" learned "--message-id" option
    * "git clone --reference=<over there>" learned the "--dissociate"
    * "git send-email" learned the "--transfer-encoding" option
    * "git send-email" learned the "--no-xmailer" option
    * "git branch -d" (delete) and "git branch -m" (move) learned to
      honor "-f" (force) flag
    * "git imap-send" learned to take "-v" (verbose) and "-q" (quiet)
      command line options.
* Tue Jan 13 2015
  - git 2.2.2:
    + "git checkout $treeish $path", when $path in the index and the
      working tree already matched what is in $treeish at the $path,
      still overwrote the $path unnecessarily.
    + "git config --get-color" did not parse its command line arguments
    + A few code paths used abs() when they should have used labs() on
      long integers.
    + "gitweb" used to depend on a behaviour recent deprecated.
    + "git init" (hence "git clone") initialized the per-repository
      configuration file .git/config with x-bit by mistake.
    + Git 2.0 was supposed to make the "simple" mode for the default of
      "git push", but it didn't.
    + "Everyday" document had a broken link.
    + The build procedure did not bother fixing perl and python scripts
      when NO_PERL and NO_PYTHON build-time configuration changed.
    + The code that reads the reflog from the newer to the older entries
      did not handle an entry that crosses a boundary of block it uses to
      read them correctly.
    + "git apply" was described in the documentation to take --ignore-date
      option, which it does not.
    + Traditionally we tried to avoid interpreting date strings given by
      the user as future dates, e.g. GIT_COMMITTER_DATE=2014-12-10 when
      used early November 2014 was taken as "October 12, 2014" because it
      is likely that a date in the future, December 10, is a mistake.
      This heuristics has been loosened to allow people to express future
      dates (most notably, --until=<date> may want to be far in the
      future) and we no longer tiebreak by future-ness of the date when
      (1) ISO-like format is used, and
      (2) the string can make sense interpreted as both y-m-d and y-d-m.
      Git may still have to use the heuristics to tiebreak between dd/mm/yy
      and mm/dd/yy, though.
    + The code to abbreviate an object name to its short unique prefix
      has been optimized when no abbreviation was requested.
    + "git add --ignore-errors ..." did not ignore an error to
      give a file that did not exist.
    + Git did not correctly read an overlong refname from a packed refs
* Fri Dec 19 2014
  - git 2.2.1
    Fixes arbitrary command execution vulnerability on case-
    insensitive file systems. [boo#910756] [CVE-2014-9390]
    This is not a usual case on GNU/Linux, but this update prevents
    such commits to propagate to third parties (Windows, OS X) that
    may be vulnerable.
* Thu Nov 27 2014
  - git 2.2.0:
    + improvements and updates to UI, Workflows, Features and options
    + better temporary file handling
    + API updates
    + bug fixes
  - package new git-subtree.html
* Tue Nov 18 2014
  - Add git-credential-gnome-keyring subpackage for GNOME keyring
    credential storage support
* Mon Nov 17 2014
  - Allow snapshot generation in apparmor profile (bnc#905707)
* Wed Oct 29 2014
  - git 2.1.3:
    * Some MUAs mangled a line in a message that begins with "From "
      to ">From " when writing to a mailbox file and feeding such an
      input to "git am" used to lose such a line.
    * "git daemon" (with NO_IPV6 build configuration) used to
      incorrectly use the hostname even when gethostbyname()
      reported that the given hostname is not found.
    * Newer versions of 'meld' breaks the auto-detection we use to
      see if they are new enough to support the `--output` option.
    * "git pack-objects" forgot to disable the codepath to generate
      object recheability bitmap when it needs to split the resulting
    * "gitweb" used deprecated CGI::startfrom, which was removed from as of 4.04; use CGI::start_from instead.
    * "git log" documentation had an example section marked up not
      quite correctly, which passed AsciiDoc but failed with
    * Also contains some documentation updates.



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 11:42:48 2024