Changes since Git for Windows v2.39.0(2) (December 21st 2022)
This is a security release, addressing CVE-2022-41903, CVE-2022-23521 and CVE-2022-41953.
New Features
- Comes with Git v2.39.1.
Bug Fixes
- Addresses CVE-2022-23521, a critical vulnerability in the
.gitattributes
parsing that potentially allows malicious code to be executed while cloning. - Addresses CVE-2022-41953, a vulnerability that makes Git GUI's
Clone
function susceptible to Remote Code Execution attacks. - Addresses CVE-2022-41903, a vulnerability that may allow heap overflows and code to be executed inadvertently during a
git archive
invocation. - A regression introduced in Git for Windows v2.39.0(2) that prevented cloning from Bitbucket was fixed.
Filename | SHA-256 |
---|---|
Git-2.39.1-64-bit.exe | 82d088233144054d14d8cc890870544f1ac6ac73aebade87c4d96c97b55d8508 |
Git-2.39.1-32-bit.exe | b9ac2863b42eb60ee6cbb0663378bb119cb976a52985d4bbe92ad00b073ffed2 |
PortableGit-2.39.1-64-bit.7z.exe | b898306a44084b5fa13b9a52e06408d97234389d07ae41d9409bdf58cad3d227 |
PortableGit-2.39.1-32-bit.7z.exe | 2cb1a83f30f0c2948c97d3dc683c8b058c808f89b51bfb813de67253d17caa15 |
MinGit-2.39.1-64-bit.zip | 000649846ec6e28e8f76d4a0d02f02b3dd1ba19914385f7dead1c5cde25b3bad |
MinGit-2.39.1-32-bit.zip | e36dc71d97359f584d25efbdabb4122fb71514bcba5a99df1b82a83cee9472e3 |
MinGit-2.39.1-busybox-64-bit.zip | c2b54edf2f5b3c7a7bb65640d49f8d7a953145b989125c8749e673d03e2a80f1 |
MinGit-2.39.1-busybox-32-bit.zip | 4a28a9bd4e49d260ae3c35bf9a2cdb91f12d4a4cf081f21b3df278e76f401262 |
Git-2.39.1-64-bit.tar.bz2 | 2a33c6fef5ed9d2794013fe965066b80c24b556168aca28c0252c1e11859f4ad |
Git-2.39.1-32-bit.tar.bz2 | fdbbd5bcbe00f8981df11cdff87f74440b1a64f40898740559f68e4565555a44 |