summaryrefslogtreecommitdiff
path: root/Documentation/RelNotes
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2017-09-22 14:45:30 +0900
committerJunio C Hamano <gitster@pobox.com>2017-09-22 14:45:30 +0900
commit65c9d4bd7bcb3f087b56b659423c82a034ecacbd (patch)
tree53520d0d729f8bf79736e5b970f1012416f3197a /Documentation/RelNotes
parent3d9c5b5c4461957fbbc0479e037990db04ebb740 (diff)
parent39aaab109972d6bbc1d0ffe5d4de47bbd4b8bb07 (diff)
downloadgit-65c9d4bd7bcb3f087b56b659423c82a034ecacbd.tar.gz
Sync with 2.11.4
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'Documentation/RelNotes')
-rw-r--r--Documentation/RelNotes/2.10.5.txt17
-rw-r--r--Documentation/RelNotes/2.11.4.txt17
2 files changed, 34 insertions, 0 deletions
diff --git a/Documentation/RelNotes/2.10.5.txt b/Documentation/RelNotes/2.10.5.txt
new file mode 100644
index 0000000000..a498fd6fdc
--- /dev/null
+++ b/Documentation/RelNotes/2.10.5.txt
@@ -0,0 +1,17 @@
+Git v2.10.5 Release Notes
+=========================
+
+Fixes since v2.10.4
+-------------------
+
+ * "git cvsserver" no longer is invoked by "git daemon" by default,
+ as it is old and largely unmaintained.
+
+ * Various Perl scripts did not use safe_pipe_capture() instead of
+ backticks, leaving them susceptible to end-user input. They have
+ been corrected.
+
+Credits go to joernchen <joernchen@phenoelit.de> for finding the
+unsafe constructs in "git cvsserver", and to Jeff King at GitHub for
+finding and fixing instances of the same issue in other scripts.
+
diff --git a/Documentation/RelNotes/2.11.4.txt b/Documentation/RelNotes/2.11.4.txt
new file mode 100644
index 0000000000..ad4da8eb09
--- /dev/null
+++ b/Documentation/RelNotes/2.11.4.txt
@@ -0,0 +1,17 @@
+Git v2.11.4 Release Notes
+=========================
+
+Fixes since v2.11.3
+-------------------
+
+ * "git cvsserver" no longer is invoked by "git daemon" by default,
+ as it is old and largely unmaintained.
+
+ * Various Perl scripts did not use safe_pipe_capture() instead of
+ backticks, leaving them susceptible to end-user input. They have
+ been corrected.
+
+Credits go to joernchen <joernchen@phenoelit.de> for finding the
+unsafe constructs in "git cvsserver", and to Jeff King at GitHub for
+finding and fixing instances of the same issue in other scripts.
+