Junio C Hamano <gitster@xxxxxxxxx> writes:
> Derrick Stolee <derrickstolee@xxxxxxxxxx> writes:
>
>> I tried to do my due diligence here, but I will admit to some amount
>> of haste being applied due to the many distinct sources that have
>> motivated the change.
>
> OK. Thanks for a fast response to a brown-paper-bag bug or two.
Here is a draft release notes to 2.30.4.txt; I may tag this later
tonight (i.e. in 4 hours or so) or perhaps tomorrow morning, together
with the result of merging the fixes into newer maintenance releases.
Thanks, everybody, for working on the issue.
Git v2.30.4 Release Notes (draft)
=================================
This release contains minor fix-ups for the changes that went into
Git 2.30.3, which was made to address CVE-2022-24765.
* The code that was meant to parse the new `safe.directory`
configuration variable was not checking what configuration
variable was being fed to it, which has been corrected.
* '*' can be used as the value for the `safe.directory` variable to
signal that the user considers that any directory is safe.
Derrick Stolee (2):
t0033: add tests for safe.directory
setup: opt-out of check with safe.directory=*
Matheus Valadares (1):
setup: fix safe.directory key not being checked
