severity 958929 important tags 958929 + upstream forwarded 958929 https://lore.kernel.org/git/20200428052510.ga201...@google.com/ quit
Stefan Tauner wrote: > the vulnerability in CVE-2020-11008 is related to the handling > of credential helpers in git. In Buster this has been fixed in > 1:2.20.1-2+deb10u3. This broke my existing configuration where > repositories have credential.helper=store set. This is > documented in /usr/share/man/man1/git-credential-store.1.gz > and other files from git, git-doc etc. > I am unsure how to proceed... is this helper now unsupported? > Is this a simple regression that should be fixed? The latter --- it's a simple regression. Let's take this upstream. Thanks, Jonathan