From 1c7590c52b040bdc8447a3dc02d8299bacb4c637 Mon Sep 17 00:00:00 2001 From: fly_fzc <2385803914@qq.com> Date: Tue, 22 Jul 2025 14:47:12 +0800 Subject: [PATCH] refix CVE-2025-27613 CVE-2025-46334 CVE-2025-46835 --- ...-27613-CVE-2025-46334-CVE-2025-46835.patch | 128 +++++--- ...remove-obsolete-Cygwin-specific-code.patch | 280 ++++++++++++++++++ ...ui-use-git-hook-honor-core.hooksPath.patch | 67 +++++ git.spec | 12 +- 4 files changed, 443 insertions(+), 44 deletions(-) create mode 100644 backport-git-gui-remove-obsolete-Cygwin-specific-code.patch create mode 100644 backport-git-gui-use-git-hook-honor-core.hooksPath.patch diff --git a/backport-CVE-2025-27613-CVE-2025-46334-CVE-2025-46835.patch b/backport-CVE-2025-27613-CVE-2025-46334-CVE-2025-46835.patch index a2e0203..840496e 100644 --- a/backport-CVE-2025-27613-CVE-2025-46334-CVE-2025-46835.patch +++ b/backport-CVE-2025-27613-CVE-2025-46334-CVE-2025-46835.patch @@ -703,6 +703,28 @@ index 9673e56abda662..aba8ef63dc2b16 100755 } err]} { show_error {} . "[mc "Couldn't get list of unmerged files:"] $err" exit 1 +@@ -463,8 +470,8 @@ proc start_rev_list {view} { + } + + if {[catch { +- set fd [open [concat | git log --no-color -z --pretty=raw $show_notes \ +- --parents --boundary $args "--" $files] r] ++ set fd [safe_open_command [concat git log --no-color -z --pretty=raw $show_notes \ ++ --parents --boundary $args "--" $files]] + } err]} { + error_popup "[mc "Error executing git log:"] $err" + return 0 +@@ -611,8 +618,8 @@ proc updatecommits {} { + set args $vorigargs($view) + } + if {[catch { +- set fd [open [concat | git log --no-color -z --pretty=raw $show_notes \ +- --parents --boundary $args "--" $vfilelimit($view)] r] ++ set fd [safe_open_command [concat git log --no-color -z --pretty=raw $show_notes \ ++ --parents --boundary $args "--" $vfilelimit($view)]] + } err]} { + error_popup "[mc "Error executing git log:"] $err" + return @@ -1700,7 +1707,7 @@ proc do_readcommit {id} { global tclencoding 
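Review bot: The `safe_open_command [concat git log ...]` conversions added here for `start_rev_list` and `updatecommits`, and the `getallcommits` one in the following hunk, are new lines in this backport, so the -19 revision shipped with those raw pipe opens still in place. Nothing in this change guards against another such call site surviving in the 2.33.0 copy of the file (gitk, judging by the proc names). Because the patch is hand-adapted to an older tree, upstream's list of call sites cannot be assumed complete. A build step after `%prep` that fails when `open |` or `open [concat |` still appears in the patched Tcl sources would catch this kind of omission mechanically. Both procs continue outside the hunk.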
@@ -845,6 +867,15 @@ index 9673e56abda662..aba8ef63dc2b16 100755 set allcupdate [expr {$seeds ne {}}] if {!$allcupdate} { set ids "--all" +@@ -10281,7 +10288,7 @@ proc getallcommits {} { + } + } + if {$ids ne {}} { +- set fd [open [concat $cmd $ids] r] ++ set fd [safe_open_command [concat $cmd $ids]] + fconfigure $fd -blocking 0 + incr allcommits + nowbusy allcommits From 42a64b41a7a3d01a62f0f34f75bee2bbd00be46f Mon Sep 17 00:00:00 2001 From: Johannes Sixt @@ -2631,7 +2662,7 @@ diff --git a/git-gui/git-gui.sh b/git-gui/git-gui.sh index 9ccd88893030f0..217aeb9ce3a7b5 100755 --- a/git-gui/git-gui.sh +++ b/git-gui/git-gui.sh -@@ -77,46 +77,43 @@ proc is_Cygwin {} { +@@ -77,39 +77,43 @@ proc is_Cygwin {} { ###################################################################### ## @@ -2650,14 +2681,7 @@ index 9ccd88893030f0..217aeb9ce3a7b5 100755 +} - if {$_search_path eq {}} { -- if {[is_Cygwin] && [regexp {^(/|\.:)} $env(PATH)]} { -- set _search_path [split [exec cygpath \ -- --windows \ -- --path \ -- --absolute \ -- $env(PATH)] {;}] -- set _search_exe .exe -- } elseif {[is_Windows]} { +- if {[is_Windows]} { - set gitguidir [file dirname [info script]] - regsub -all ";" $gitguidir "\\;" gitguidir - set env(PATH) "$gitguidir;$env(PATH)" 
@@ -2713,6 +2737,46 @@ index 9ccd88893030f0..217aeb9ce3a7b5 100755 if {[is_Windows] && [lsearch -exact $args -script] >= 0} { set suffix {} +From 074c2b9d7c4b1201f261263f011074c733a85d38 Mon Sep 17 00:00:00 2001 +From: Johannes Sixt +Date: Sat, 3 May 2025 19:21:53 +0200 +Subject: [PATCH 33/41] git-gui: use git_read in githook_read + +0730a5a3a5e6 ("git-gui - use git-hook, honor core.hooksPath", 2023-09-17) +rewrote githook_read to use `git hook` to run a hook script. The code +that was replaced discovered the hook script file manually and invoked +it using function _open_stdout_stderr. After the rewrite, this function +is still invoked, but it calls into `git` instead of the hook scripts. + +Notice though, that we have function git_read that invokes git and +prepares a pipe for the caller to read from. Replace the implementation +of githook_read to be just a wrapper around git_read. This unifies the +way in which the git executable is invoked. git_read ultimately also +calls into _open_stdout_stderr, but it modifies the path to the git +executable before doing so. + +Signed-off-by: Johannes Sixt + +Signed-off-by: Taylor Blau +--- + git-gui/git-gui.sh | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/git-gui/git-gui.sh b/git-gui/git-gui.sh +index 28113220af8770..e10bf2a039295e 100755 +--- a/git-gui/git-gui.sh ++++ b/git-gui/git-gui.sh +@@ -669,8 +669,7 @@ proc git_write {args} { + } + + proc githook_read {hook_name args} { +- set cmd [concat git hook run --ignore-missing $hook_name -- $args 2>@1] +- return [_open_stdout_stderr $cmd] ++ git_read hook run --ignore-missing $hook_name -- $args 2>@1 + } + + proc kill_file_process {fd} { + From a1ccd2512072cf52835050f4c97a4fba9f0ec8f9 Mon Sep 17 00:00:00 2001 From: Mark Levedahl Date: Fri, 11 Apr 2025 10:58:20 -0400 
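Review bot: The `githook_read` body introduced by this added commit runs hooks through `git hook run`, yet the commit message in the new backport-git-gui-use-git-hook-honor-core.hooksPath.patch says git exposes that subcommand only since v2.36, and git.spec still builds Version 2.33.0. Unless `git hook` is backported by a patch not visible in this diff, git-gui would call a subcommand the packaged git lacks, so pre-commit and commit-msg hooks used as policy gates would presumably either stop running or make every commit from git-gui fail. The same call is carried through the two later `githook_read` hunks (`@@ -2984,38 +3048,8 @@` and `@@ -3626,6 +3660,15 @@`), which drop the -19 adaptation that executed `[gitdir hooks $hook_name]` via `safe_open_command`. Either keep that adaptation on top of the new prerequisites, or confirm with a test against the built binary that `git hook run --ignore-missing pre-commit` succeeds.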
@@ -2940,7 +3004,7 @@ index e10bf2a039295e..301c7647ecaec6 100755 fconfigure $fd -translation binary -encoding utf-8 set result [string trimright [read $fd] "\n"] close $fd -@@ -642,58 +642,40 @@ proc _open_stdout_stderr {cmd} { +@@ -642,34 +642,34 @@ proc _open_stdout_stderr {cmd} { return $fd } @@ -2984,38 +3048,8 @@ index e10bf2a039295e..301c7647ecaec6 100755 } proc githook_read {hook_name args} { -- set pchook [gitdir hooks $hook_name] -- lappend args 2>@1 -- -- # On Windows [file executable] might lie so we need to ask -- # the shell if the hook is executable. Yes that's annoying. -- # -- if {[is_Windows]} { -- upvar #0 _sh interp -- if {![info exists interp]} { -- set interp [_which sh] -- } -- if {$interp eq {}} { -- error "hook execution requires sh (not in PATH)" -- } -- -- set scr {if test -x "$1";then exec "$@";fi} -- set sh_c [list $interp -c $scr $interp $pchook] -- return [_open_stdout_stderr [concat $sh_c $args]] -- } -- -- if {[file executable $pchook]} { -- return [_open_stdout_stderr [concat [list $pchook] $args]] -- } -- -- return {} -+ set pchook [gitdir hooks $hook_name] -+ -+ if {[file executable $pchook]} { -+ return [safe_open_command [concat [list $pchook] $args] [list 2>@1]] -+ } -+ -+ return {} +- git_read hook run --ignore-missing $hook_name -- $args 2>@1 ++ git_read [concat [list hook run --ignore-missing $hook_name --] $args 2>@1] } proc kill_file_process {fd} { @@ -3626,6 +3660,15 @@ index 408149b5309f68..bbdbd35d269507 100755 } proc git_read_nice {cmd} { +@@ -669,7 +669,7 @@ proc git_write {cmd} { + } + + proc githook_read {hook_name args} { +- git_read [concat [list hook run --ignore-missing $hook_name --] $args 2>@1] ++ git_read [concat [list hook run --ignore-missing $hook_name --] $args] [list 2>@1] + } + + proc kill_file_process {fd} { diff --git a/git-gui/lib/checkout_op.tcl b/git-gui/lib/checkout_op.tcl index 48fd1a3cacdca7..87ed0b48585e05 100644 --- a/git-gui/lib/checkout_op.tcl 
@@ -3868,3 +3911,4 @@ index 0355c0c8365047..2c446c27845c16 100755 if {[file executable $_git_bash]} { set _bash_cmdline [list "Git Bash" $_git_bash] } else { + diff --git a/backport-git-gui-remove-obsolete-Cygwin-specific-code.patch b/backport-git-gui-remove-obsolete-Cygwin-specific-code.patch new file mode 100644 index 0000000..40b9d33 --- /dev/null +++ b/backport-git-gui-remove-obsolete-Cygwin-specific-code.patch 
@@ -0,0 +1,280 @@ +From 7145c654fffecd1f3d4a2b8bf05755ce262903e8 Mon Sep 17 00:00:00 2001 +From: Mark Levedahl +Date: Mon, 26 Jun 2023 12:53:03 -0400 +Subject: [PATCH] git-gui - remove obsolete Cygwin specific code + +In the current git release, git-gui runs on Cygwin without enabling any +of git-gui's Cygwin specific code. This happens as the Cygwin specific +code in git-gui was (mostly) written in 2007-2008 to work with Cygwin's +then supplied Tcl/Tk which was an incompletely ported variant of the +8.4.1 Windows Tcl/Tk code. In March, 2012, that 8.4.1 package was +replaced with a full port based upon the upstream unix/X11 code, +since maintained up to date. The two Tcl/Tk packages are completely +incompatible, and have different signatures. + +When Cygwin's Tcl/Tk signature changed in 2012, git-gui no longer +detected Cygwin, so did not enable Cygwin specific code, and the POSIX +environment provided by Cygwin since 2012 supported git-gui as a generic +unix. Thus, no-one apparently noticed the existence of incompatible +Cygwin specific code. + +However, since commit c5766eae6f in the git-gui source tree +(https://github.com/prati0100/git-gui, master at a5005ded), and not yet +pulled into the git repository, the is_Cygwin function does detect +Cygwin using the unix/X11 Tcl/Tk. The Cygwin specific code is enabled, +causing use of Windows rather than unix pathnames, and enabling +incorrect warnings about environment variables that were relevant only +to the old Tcl/Tk. The end result is that (upstream) git-gui is now +incompatible with Cygwin. + +So, delete Cygwin specific code (code protected by "if is_Cygwin") that +is not needed in any form to work with the unix/X11 Tcl/Tk. + +Cygwin specific code required to enable file browsing and shortcut +creation is not addressed in this patch, does not currently work, and +invocation of those items may leave git-gui in a confused state. 
+ +Signed-off-by: Mark Levedahl +Acked-by: Johannes Schindelin +Signed-off-by: Pratyush Yadav +--- + git-gui/git-gui.sh | 114 ++------------------------------------ + git-gui/lib/choose_repository.tcl | 27 +-------- + 2 files changed, 7 insertions(+), 134 deletions(-) + +diff --git a/git-gui/git-gui.sh b/git-gui/git-gui.sh +index cb92bba1c4..3f7c31e4c4 100755 +--- a/git-gui/git-gui.sh ++++ b/git-gui/git-gui.sh +@@ -84,14 +84,7 @@ proc _which {what args} { + global env _search_exe _search_path + + if {$_search_path eq {}} { +- if {[is_Cygwin] && [regexp {^(/|\.:)} $env(PATH)]} { +- set _search_path [split [exec cygpath \ +- --windows \ +- --path \ +- --absolute \ +- $env(PATH)] {;}] +- set _search_exe .exe +- } elseif {[is_Windows]} { ++ if {[is_Windows]} { + set gitguidir [file dirname [info script]] + regsub -all ";" $gitguidir "\\;" gitguidir + set env(PATH) "$gitguidir;$env(PATH)" +@@ -342,14 +335,7 @@ proc gitexec {args} { + if {[catch {set _gitexec [git --exec-path]} err]} { + error "Git not installed?\n\n$err" + } +- if {[is_Cygwin]} { +- set _gitexec [exec cygpath \ +- --windows \ +- --absolute \ +- $_gitexec] +- } else { +- set _gitexec [file normalize $_gitexec] +- } ++ set _gitexec [file normalize $_gitexec] + } + if {$args eq {}} { + return $_gitexec +@@ -364,14 +350,7 @@ proc githtmldir {args} { + # Git not installed or option not yet supported + return {} + } +- if {[is_Cygwin]} { +- set _githtmldir [exec cygpath \ +- --windows \ +- --absolute \ +- $_githtmldir] +- } else { +- set _githtmldir [file normalize $_githtmldir] +- } ++ set _githtmldir [file normalize $_githtmldir] + } + if {$args eq {}} { + return $_githtmldir +@@ -1318,9 +1297,6 @@ if {$_gitdir eq "."} { + set _gitdir [pwd] + } + +-if {![file isdirectory $_gitdir] && [is_Cygwin]} { +- catch {set _gitdir [exec cygpath --windows $_gitdir]} +-} + if {![file isdirectory $_gitdir]} { + catch {wm withdraw .} + error_popup [strcat [mc "Git directory not found:"] "\n\n$_gitdir"] +@@ -1332,11 
+1308,7 @@ apply_config + + # v1.7.0 introduced --show-toplevel to return the canonical work-tree + if {[package vcompare $_git_version 1.7.0] >= 0} { +- if { [is_Cygwin] } { +- catch {set _gitworktree [exec cygpath --windows [git rev-parse --show-toplevel]]} +- } else { +- set _gitworktree [git rev-parse --show-toplevel] +- } ++ set _gitworktree [git rev-parse --show-toplevel] + } else { + # try to set work tree from environment, core.worktree or use + # cdup to obtain a relative path to the top of the worktree. If +@@ -1561,24 +1533,8 @@ proc rescan {after {honor_trustmtime 1}} { + } + } + +-if {[is_Cygwin]} { +- set is_git_info_exclude {} +- proc have_info_exclude {} { +- global is_git_info_exclude +- +- if {$is_git_info_exclude eq {}} { +- if {[catch {exec test -f [gitdir info exclude]}]} { +- set is_git_info_exclude 0 +- } else { +- set is_git_info_exclude 1 +- } +- } +- return $is_git_info_exclude +- } +-} else { +- proc have_info_exclude {} { +- return [file readable [gitdir info exclude]] +- } ++proc have_info_exclude {} { ++ return [file readable [gitdir info exclude]] + } + + proc rescan_stage2 {fd after} { +@@ -3112,10 +3068,6 @@ if {[is_MacOSX]} { + set doc_path [githtmldir] + if {$doc_path ne {}} { + set doc_path [file join $doc_path index.html] +- +- if {[is_Cygwin]} { +- set doc_path [exec cygpath --mixed $doc_path] +- } + } + + if {[file isfile $doc_path]} { +@@ -4087,60 +4039,6 @@ set file_lists($ui_workdir) [list] + wm title . "[appname] ([reponame]) [file normalize $_gitworktree]" + focus -force $ui_comm + +-# -- Warn the user about environmental problems. Cygwin's Tcl +-# does *not* pass its env array onto any processes it spawns. +-# This means that git processes get none of our environment. +-# +-if {[is_Cygwin]} { +- set ignored_env 0 +- set suggest_user {} +- set msg [mc "Possible environment issues exist. 
+- +-The following environment variables are probably +-going to be ignored by any Git subprocess run +-by %s: +- +-" [appname]] +- foreach name [array names env] { +- switch -regexp -- $name { +- {^GIT_INDEX_FILE$} - +- {^GIT_OBJECT_DIRECTORY$} - +- {^GIT_ALTERNATE_OBJECT_DIRECTORIES$} - +- {^GIT_DIFF_OPTS$} - +- {^GIT_EXTERNAL_DIFF$} - +- {^GIT_PAGER$} - +- {^GIT_TRACE$} - +- {^GIT_CONFIG$} - +- {^GIT_(AUTHOR|COMMITTER)_DATE$} { +- append msg " - $name\n" +- incr ignored_env +- } +- {^GIT_(AUTHOR|COMMITTER)_(NAME|EMAIL)$} { +- append msg " - $name\n" +- incr ignored_env +- set suggest_user $name +- } +- } +- } +- if {$ignored_env > 0} { +- append msg [mc " +-This is due to a known issue with the +-Tcl binary distributed by Cygwin."] +- +- if {$suggest_user ne {}} { +- append msg [mc " +- +-A good replacement for %s +-is placing values for the user.name and +-user.email settings into your personal +-~/.gitconfig file. +-" $suggest_user] +- } +- warn_popup $msg +- } +- unset ignored_env msg suggest_user name +-} +- + # -- Only initialize complex UI if we are going to stay running. 
+ # + if {[is_enabled transport]} { +diff --git a/git-gui/lib/choose_repository.tcl b/git-gui/lib/choose_repository.tcl +index af1fee7c75..d23abedcb3 100644 +--- a/git-gui/lib/choose_repository.tcl ++++ b/git-gui/lib/choose_repository.tcl +@@ -174,9 +174,6 @@ constructor pick {} { + -foreground blue \ + -underline 1 + set home $::env(HOME) +- if {[is_Cygwin]} { +- set home [exec cygpath --windows --absolute $home] +- } + set home "[file normalize $home]/" + set hlen [string length $home] + foreach p $sorted_recent { +@@ -374,18 +371,6 @@ proc _objdir {path} { + return $objdir + } + +- if {[is_Cygwin]} { +- set objdir [file join $path .git objects.lnk] +- if {[file isfile $objdir]} { +- return [win32_read_lnk $objdir] +- } +- +- set objdir [file join $path objects.lnk] +- if {[file isfile $objdir]} { +- return [win32_read_lnk $objdir] +- } +- } +- + return {} + } + +@@ -623,12 +608,6 @@ method _do_clone2 {} { + } + + set giturl $origin_url +- if {[is_Cygwin] && [file isdirectory $giturl]} { +- set giturl [exec cygpath --unix --absolute $giturl] +- if {$clone_type eq {shared}} { +- set objdir [exec cygpath --unix --absolute $objdir] +- } +- } + + if {[file exists $local_path]} { + error_popup [mc "Location %s already exists." $local_path] +@@ -668,11 +647,7 @@ method _do_clone2 {} { + fconfigure $f_cp -translation binary -encoding binary + cd $objdir + while {[gets $f_in line] >= 0} { +- if {[is_Cygwin]} { +- puts $f_cp [exec cygpath --unix --absolute $line] +- } else { +- puts $f_cp [file normalize $line] +- } ++ puts $f_cp [file normalize $line] + } + close $f_in + close $f_cp +-- +2.33.0 + diff --git a/backport-git-gui-use-git-hook-honor-core.hooksPath.patch b/backport-git-gui-use-git-hook-honor-core.hooksPath.patch new file mode 100644 index 0000000..b436660 --- /dev/null +++ b/backport-git-gui-use-git-hook-honor-core.hooksPath.patch 
@@ -0,0 +1,67 @@ +From 0730a5a3a5e69e4b5fa0fbf6edd7fcbd7a08c992 Mon Sep 17 00:00:00 2001 +From: Mark Levedahl +Date: Sun, 17 Sep 2023 15:24:31 -0400 +Subject: [PATCH] git-gui - use git-hook, honor core.hooksPath + +git-gui currently runs some hooks directly using its own code written +before 2010, long predating git v2.9 that added the core.hooksPath +configuration to override the assumed location at $GIT_DIR/hooks. Thus, +git-gui looks for and runs hooks including prepare-commit-msg, +commit-msg, pre-commit, post-commit, and post-checkout from +$GIT_DIR/hooks, regardless of configuration. Commands (e.g., git-merge) +that git-gui invokes directly do honor core.hooksPath, meaning the +overall behaviour is inconsistent. + +Furthermore, since v2.36 git exposes its hook execution machinery via +`git-hook run`, eliminating the need for others to maintain code +duplicating that functionality. Using git-hook will both fix git-gui's +current issues on hook configuration and (presumably) reduce the +maintenance burden going forward. So, teach git-gui to use git-hook. + +Signed-off-by: Mark Levedahl +Signed-off-by: Junio C Hamano +--- + git-gui/git-gui.sh | 27 ++------------------------- + 1 file changed, 2 insertions(+), 25 deletions(-) + +diff --git a/git-gui/git-gui.sh b/git-gui/git-gui.sh +index 8603437e72..3e5907a460 100755 +--- a/git-gui/git-gui.sh ++++ b/git-gui/git-gui.sh +@@ -661,31 +661,8 @@ proc git_write {args} { + } + + proc githook_read {hook_name args} { +- set pchook [gitdir hooks $hook_name] +- lappend args 2>@1 +- +- # On Windows [file executable] might lie so we need to ask +- # the shell if the hook is executable. Yes that's annoying. 
+- # +- if {[is_Windows]} { +- upvar #0 _sh interp +- if {![info exists interp]} { +- set interp [_which sh] +- } +- if {$interp eq {}} { +- error "hook execution requires sh (not in PATH)" +- } +- +- set scr {if test -x "$1";then exec "$@";fi} +- set sh_c [list $interp -c $scr $interp $pchook] +- return [_open_stdout_stderr [concat $sh_c $args]] +- } +- +- if {[file executable $pchook]} { +- return [_open_stdout_stderr [concat [list $pchook] $args]] +- } +- +- return {} ++ set cmd [concat git hook run --ignore-missing $hook_name -- $args 2>@1] ++ return [_open_stdout_stderr $cmd] + } + + proc kill_file_process {fd} { +-- +2.33.0 + diff --git a/git.spec b/git.spec index 3041a2e..d93f366 100644 --- a/git.spec +++ b/git.spec @@ -1,7 +1,7 @@ %global gitexecdir %{_libexecdir}/git-core Name: git Version: 2.33.0 -Release: 19 +Release: 20 Summary: A popular and widely used Version Control System License: GPLv2+ or LGPLv2.1 URL: https://git-scm.com/ @@ -77,7 +77,9 @@ Patch61: backport-CVE-2024-52006-credential-disallow-Carriage-Returns-in-the- Patch62: backport-CVE-2024-52005.patch Patch63: backport-CVE-2025-48384-config-quote-values-containing-CR-character.patch Patch64: backport-CVE-2025-48386-wincred-avoid-buffer-overflow-in-wcsncat.patch -Patch65: backport-CVE-2025-27613-CVE-2025-46334-CVE-2025-46835.patch +Patch65: backport-git-gui-remove-obsolete-Cygwin-specific-code.patch +Patch66: backport-git-gui-use-git-hook-honor-core.hooksPath.patch +Patch67: backport-CVE-2025-27613-CVE-2025-46334-CVE-2025-46835.patch BuildRequires: gcc gettext BuildRequires: openssl-devel libcurl-devel expat-devel systemd asciidoc xmlto glib2-devel libsecret-devel pcre2-devel desktop-file-utils 
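Review bot: The Patch65 to Patch67 block does not say that the first two entries exist only as prerequisites for the CVE patch. The regenerated inner hunk header (`-77,46 +77,43` becoming `-77,39 +77,43`) suggests Patch67 no longer applies without them. A comment above the three lines would keep a later maintainer from reordering or dropping them, for example `# Patch65 and Patch66 are prerequisites of Patch67; keep this order`. The changelog entry could also state that git-gui hook lookup now honors core.hooksPath, since that is a behaviour change delivered with a CVE update.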
@@ -361,6 +363,12 @@ make %{?_smp_mflags} test %{_mandir}/man7/git*.7.* %changelog +* Tue Jul 22 2025 fuanan - 2.33.0-20 +- Type:CVE +- ID:CVE-2025-27613 CVE-2025-46334 CVE-2025-46835 +- SUG:NA +- DESC:refix CVE-2025-27613 CVE-2025-46334 CVE-2025-46835 + * Mon Jul 14 2025 fuanan - 2.33.0-19 - Type:CVE - ID:CVE-2025-27613 CVE-2025-46334 CVE-2025-46835 -- Gitee