From 26ff9be6e765b21388265c1bc8dfca1c5c2fb509 Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Wed, 13 Apr 2022 16:42:33 -0700 Subject: [PATCH 1/2] RelNotes: clarify "bisect run unexecutable" tweak We do not have to guess how common the mistake the change targets is when describing it. Such an argument may be good while proposing a change, but does not quite belong in the record of what has already happened, i.e. a release note. Helped-by: Taylor Blau Signed-off-by: Junio C Hamano --- Documentation/RelNotes/2.36.0.txt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Documentation/RelNotes/2.36.0.txt b/Documentation/RelNotes/2.36.0.txt index d61ade21e2..9f6dd3d868 100644 --- a/Documentation/RelNotes/2.36.0.txt +++ b/Documentation/RelNotes/2.36.0.txt @@ -46,10 +46,10 @@ UI, Workflows & Features * "git branch" learned the "--recurse-submodules" option. - * A not-so-common mistake is to write a script to feed "git bisect - run" without making it executable, in which case all tests will - exit with 126 or 127 error codes, even on revisions that are marked - as good. Try to recognize this situation and stop iteration early. + * A user can forget to make a script file executable before giving + it to "git bisect run". In such a case, all tests will exit with + 126 or 127 error codes, even on revisions that are marked as good. + Try to recognize this situation and stop iteration early. * When "index-pack" dies due to incoming data exceeding the maximum allowed input size, include the value of the limit in the error From 255ede998001a44be957b7e915e84cb6164e00a0 Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Wed, 13 Apr 2022 16:51:41 -0700 Subject: [PATCH 2/2] RelNotes: mention safe.directory Helped-by: Philippe Blain Signed-off-by: Junio C Hamano --- Documentation/RelNotes/2.36.0.txt | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/Documentation/RelNotes/2.36.0.txt b/Documentation/RelNotes/2.36.0.txt index 9f6dd3d868..f4c5e691bb 100644 --- a/Documentation/RelNotes/2.36.0.txt +++ b/Documentation/RelNotes/2.36.0.txt @@ -13,6 +13,15 @@ Backward compatibility warts top-level a partial clone, while submodules are fully cloned. This behaviour is changed to pass the same filter down to the submodules. + * With the fixes for CVE-2022-24765 that are common with versions of + Git 2.30.4, 2.31.3, 2.32.2, 2.33.3, 2.34.3, and 2.35.3, Git has + been taught not to recognise repositories owned by other users, in + order to avoid getting affected by their config files and hooks. + You can list the path to the safe/trusted repositories that may be + owned by others on a multi-valued configuration variable + `safe.directory` to override this behaviour, or use '*' to declare + that you trust anything. + Note to those who build from the source @@ -397,8 +406,6 @@ Fixes since v2.35 entry it moved. (merge b7f9130a06 vd/mv-refresh-stat later to maint). - * Fix for CVE-2022-24765 has been merged up from 2.35.2 and others. - * Other code cleanup, docfix, build fix, etc. (merge cfc5cf428b jc/find-header later to maint). (merge 40e7cfdd46 jh/p4-fix-use-of-process-error-exception later to maint).