debian: apply security fixes from 2.20.3
As with 2.20.2, apply these as patches instead of using an upstream
tarball because the upstream tarball has not been created yet.
Thanks to Salvatore Bonaccorso for the description of this
vulnerability in the changelog.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
diff --git a/debian/changelog b/debian/changelog
index fa84381..552c4f8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,20 @@
+git (1:2.20.1-2+deb10u2) buster-security; urgency=high
+
+ [ Salvatore Bonaccorso ]
+ * new upstream point release (see RelNotes/2.20.3.txt).
+ * Addresses the security issue CVE-2020-5260.
+
+ With a crafted URL that contains a newline, the credential
+ helper machinery can be fooled to supply credential information
+ for the wrong host. The attack has been made impossible by
+ forbidding a newline character in any value passed via the
+ credential protocol.
+
+ Thanks to Felix Wilhelm of Google Project Zero for finding
+ this vulnerability and Jeff King for fixing it.
+
+ -- Jonathan Nieder <jrnieder@gmail.com> Sun, 12 Apr 2020 00:24:43 -0700
+
git (1:2.20.1-2+deb10u1) buster-security; urgency=high
* new upstream point release (see RelNotes/2.20.2.txt).
diff --git a/debian/patches/0039-Git-2.20.2.diff b/debian/patches/0039-Git-2.20.2.diff
index f22599b..522f710 100644
--- a/debian/patches/0039-Git-2.20.2.diff
+++ b/debian/patches/0039-Git-2.20.2.diff
@@ -9,7 +9,7 @@
---
Documentation/RelNotes/2.20.2.txt | 18 ++++++++++++++++++
GIT-VERSION-GEN | 2 +-
- 2 files changed, 19 insertions(+), 1 deletions(-)
+ 2 files changed, 19 insertions(+), 1 deletion(-)
create mode 100644 Documentation/RelNotes/2.20.2.txt
diff --git a/Documentation/RelNotes/2.20.2.txt b/Documentation/RelNotes/2.20.2.txt
@@ -50,5 +50,5 @@
LF='
'
--
-2.24.0.393.g34dc348eaf
+2.26.0.292.g33ef6b2f38
diff --git a/debian/patches/0040-credential-avoid-writing-values-with-newlines.diff b/debian/patches/0040-credential-avoid-writing-values-with-newlines.diff
new file mode 100644
index 0000000..7a66b4b
--- /dev/null
+++ b/debian/patches/0040-credential-avoid-writing-values-with-newlines.diff
@@ -0,0 +1,63 @@
+From a2d973517c7c2558fdbbb75c4fe0f435c7599bb6 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Wed, 11 Mar 2020 17:53:41 -0400
+Subject: credential: avoid writing values with newlines
+
+The credential protocol that we use to speak to helpers can't represent
+values with newlines in them. This was an intentional design choice to
+keep the protocol simple, since none of the values we pass should
+generally have newlines.
+
+However, if we _do_ encounter a newline in a value, we blindly transmit
+it in credential_write(). Such values may break the protocol syntax, or
+worse, inject new valid lines into the protocol stream.
+
+The most likely way for a newline to end up in a credential struct is by
+decoding a URL with a percent-encoded newline. However, since the bug
+occurs at the moment we write the value to the protocol, we'll catch it
+there. That should leave no possibility of accidentally missing a code
+path that can trigger the problem.
+
+At this level of the code we have little choice but to die(). However,
+since we'd not ever expect to see this case outside of a malicious URL,
+that's an acceptable outcome.
+
+Reported-by: Felix Wilhelm <fwilhelm@google.com>
+(cherry picked from commit 9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ credential.c | 2 ++
+ t/t0300-credentials.sh | 6 ++++++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/credential.c b/credential.c
+index 62be651b03..a79aff0c9c 100644
+--- a/credential.c
++++ b/credential.c
+@@ -195,6 +195,8 @@ static void credential_write_item(FILE *fp, const char *key, const char *value)
+ {
+ if (!value)
+ return;
++ if (strchr(value, '\n'))
++ die("credential value for %s contains newline", key);
+ fprintf(fp, "%s=%s\n", key, value);
+ }
+
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 82eaaea0f4..26f3c3a972 100755
+--- a/t/t0300-credentials.sh
++++ b/t/t0300-credentials.sh
+@@ -308,4 +308,10 @@ test_expect_success 'empty helper spec resets helper list' '
+ EOF
+ '
+
++test_expect_success 'url parser rejects embedded newlines' '
++ test_must_fail git credential fill <<-\EOF
++ url=https://one.example.com?%0ahost=two.example.com/
++ EOF
++'
++
+ test_done
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/0041-t-lib-credential-use-test_i18ncmp-to-check-stderr.diff b/debian/patches/0041-t-lib-credential-use-test_i18ncmp-to-check-stderr.diff
new file mode 100644
index 0000000..4db2d1b
--- /dev/null
+++ b/debian/patches/0041-t-lib-credential-use-test_i18ncmp-to-check-stderr.diff
@@ -0,0 +1,34 @@
+From e0a9a60ec2e99d1a15846aaf5feacba4563f18f8 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Wed, 11 Mar 2020 18:11:37 -0400
+Subject: t/lib-credential: use test_i18ncmp to check stderr
+
+The credential tests have a "check" function which feeds some input to
+git-credential and checks the stdout and stderr. We look for exact
+matches in the output. For stdout, this makes sense; the output is
+the credential protocol. But for stderr, we may be showing various
+diagnostic messages, or the prompts fed to the askpass program, which
+could be translated. Let's mark them as such.
+
+(cherry picked from commit 17f1c0b8c7e447aa62f85dc355bb48133d2812f2)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ t/lib-credential.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/t/lib-credential.sh b/t/lib-credential.sh
+index 937b831ea6..bb88cc0108 100755
+--- a/t/lib-credential.sh
++++ b/t/lib-credential.sh
+@@ -19,7 +19,7 @@ check() {
+ false
+ fi &&
+ test_cmp expect-stdout stdout &&
+- test_cmp expect-stderr stderr
++ test_i18ncmp expect-stderr stderr
+ }
+
+ read_chunk() {
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/0042-credential-detect-unrepresentable-values-when-parsing.diff b/debian/patches/0042-credential-detect-unrepresentable-values-when-parsing.diff
new file mode 100644
index 0000000..b715391
--- /dev/null
+++ b/debian/patches/0042-credential-detect-unrepresentable-values-when-parsing.diff
@@ -0,0 +1,154 @@
+From 4767ee743a3e1a5bd033cffa10a6e6cd82305337 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Thu, 12 Mar 2020 01:31:11 -0400
+Subject: credential: detect unrepresentable values when parsing urls
+
+The credential protocol can't represent newlines in values, but URLs can
+embed percent-encoded newlines in various components. A previous commit
+taught the low-level writing routines to die() when encountering this,
+but we can be a little friendlier to the user by detecting them earlier
+and handling them gracefully.
+
+This patch teaches credential_from_url() to notice such components,
+issue a warning, and blank the credential (which will generally result
+in prompting the user for a username and password). We blank the whole
+credential in this case. Another option would be to blank only the
+invalid component. However, we're probably better off not feeding a
+partially-parsed URL result to a credential helper. We don't know how a
+given helper would handle it, so we're better off to err on the side of
+matching nothing rather than something unexpected.
+
+The die() call in credential_write() is _probably_ impossible to reach
+after this patch. Values should end up in credential structs only by URL
+parsing (which is covered here), or by reading credential protocol input
+(which by definition cannot read a newline into a value). But we should
+definitely keep the low-level check, as it's our final and most accurate
+line of defense against protocol injection attacks. Arguably it could
+become a BUG(), but it probably doesn't matter much either way.
+
+Note that the public interface of credential_from_url() grows a little
+more than we need here. We'll use the extra flexibility in a future
+patch to help fsck catch these cases.
+
+(cherry picked from commit c716fe4bd917e013bf376a678b3a924447777b2d)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ credential.c | 36 ++++++++++++++++++++++++++++++++++--
+ credential.h | 16 ++++++++++++++++
+ t/t0300-credentials.sh | 12 ++++++++++--
+ 3 files changed, 60 insertions(+), 4 deletions(-)
+
+diff --git a/credential.c b/credential.c
+index a79aff0c9c..24823829f6 100644
+--- a/credential.c
++++ b/credential.c
+@@ -324,7 +324,22 @@ void credential_reject(struct credential *c)
+ c->approved = 0;
+ }
+
+-void credential_from_url(struct credential *c, const char *url)
++static int check_url_component(const char *url, int quiet,
++ const char *name, const char *value)
++{
++ if (!value)
++ return 0;
++ if (!strchr(value, '\n'))
++ return 0;
++
++ if (!quiet)
++ warning(_("url contains a newline in its %s component: %s"),
++ name, url);
++ return -1;
++}
++
++int credential_from_url_gently(struct credential *c, const char *url,
++ int quiet)
+ {
+ const char *at, *colon, *cp, *slash, *host, *proto_end;
+
+@@ -338,7 +353,7 @@ void credential_from_url(struct credential *c, const char *url)
+ */
+ proto_end = strstr(url, "://");
+ if (!proto_end)
+- return;
++ return 0;
+ cp = proto_end + 3;
+ at = strchr(cp, '@');
+ colon = strchr(cp, ':');
+@@ -373,4 +388,21 @@ void credential_from_url(struct credential *c, const char *url)
+ while (p > c->path && *p == '/')
+ *p-- = '\0';
+ }
++
++ if (check_url_component(url, quiet, "username", c->username) < 0 ||
++ check_url_component(url, quiet, "password", c->password) < 0 ||
++ check_url_component(url, quiet, "protocol", c->protocol) < 0 ||
++ check_url_component(url, quiet, "host", c->host) < 0 ||
++ check_url_component(url, quiet, "path", c->path) < 0)
++ return -1;
++
++ return 0;
++}
++
++void credential_from_url(struct credential *c, const char *url)
++{
++ if (credential_from_url_gently(c, url, 0) < 0) {
++ warning(_("skipping credential lookup for url: %s"), url);
++ credential_clear(c);
++ }
+ }
+diff --git a/credential.h b/credential.h
+index 6b0cd16be2..122a23cd2f 100644
+--- a/credential.h
++++ b/credential.h
+@@ -28,7 +28,23 @@ void credential_reject(struct credential *);
+
+ int credential_read(struct credential *, FILE *);
+ void credential_write(const struct credential *, FILE *);
++
++/*
++ * Parse a url into a credential struct, replacing any existing contents.
++ *
++ * Ifthe url can't be parsed (e.g., a missing "proto://" component), the
++ * resulting credential will be empty but we'll still return success from the
++ * "gently" form.
++ *
++ * If we encounter a component which cannot be represented as a credential
++ * value (e.g., because it contains a newline), the "gently" form will return
++ * an error but leave the broken state in the credential object for further
++ * examination. The non-gentle form will issue a warning to stderr and return
++ * an empty credential.
++ */
+ void credential_from_url(struct credential *, const char *url);
++int credential_from_url_gently(struct credential *, const char *url, int quiet);
++
+ int credential_match(const struct credential *have,
+ const struct credential *want);
+
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 26f3c3a972..b9c0f1f279 100755
+--- a/t/t0300-credentials.sh
++++ b/t/t0300-credentials.sh
+@@ -308,9 +308,17 @@ test_expect_success 'empty helper spec resets helper list' '
+ EOF
+ '
+
+-test_expect_success 'url parser rejects embedded newlines' '
+- test_must_fail git credential fill <<-\EOF
++test_expect_success 'url parser ignores embedded newlines' '
++ check fill <<-EOF
+ url=https://one.example.com?%0ahost=two.example.com/
++ --
++ username=askpass-username
++ password=askpass-password
++ --
++ warning: url contains a newline in its host component: https://one.example.com?%0ahost=two.example.com/
++ warning: skipping credential lookup for url: https://one.example.com?%0ahost=two.example.com/
++ askpass: Username:
++ askpass: Password:
+ EOF
+ '
+
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/0043-fsck-detect-gitmodules-URLs-with-embedded-newlines.diff b/debian/patches/0043-fsck-detect-gitmodules-URLs-with-embedded-newlines.diff
new file mode 100644
index 0000000..3f155c9
--- /dev/null
+++ b/debian/patches/0043-fsck-detect-gitmodules-URLs-with-embedded-newlines.diff
@@ -0,0 +1,102 @@
+From 7e07103640f281a84bd55a267f79f0a005f3ea97 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Wed, 11 Mar 2020 18:48:24 -0400
+Subject: fsck: detect gitmodules URLs with embedded newlines
+
+The credential protocol can't handle values with newlines. We already
+detect and block any such URLs from being used with credential helpers,
+but let's also add an fsck check to detect and block gitmodules files
+with such URLs. That will let us notice the problem earlier when
+transfer.fsckObjects is turned on. And in particular it will prevent bad
+objects from spreading, which may protect downstream users running older
+versions of Git.
+
+We'll file this under the existing gitmodulesUrl flag, which covers URLs
+with option injection. There's really no need to distinguish the exact
+flaw in the URL in this context. Likewise, I've expanded the description
+of t7416 to cover all types of bogus URLs.
+
+(cherry picked from commit 07259e74ec1237c836874342c65650bdee8a3993)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ fsck.c | 16 +++++++++++++++-
+ t/t7416-submodule-dash-url.sh | 18 +++++++++++++++++-
+ 2 files changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/fsck.c b/fsck.c
+index 535f806c67..faac610a35 100644
+--- a/fsck.c
++++ b/fsck.c
+@@ -15,6 +15,7 @@
+ #include "packfile.h"
+ #include "submodule-config.h"
+ #include "config.h"
++#include "credential.h"
+ #include "help.h"
+
+ static struct oidset gitmodules_found = OIDSET_INIT;
+@@ -982,6 +983,19 @@ static int fsck_tag(struct tag *tag, const char *data,
+ return fsck_tag_buffer(tag, data, size, options);
+ }
+
++static int check_submodule_url(const char *url)
++{
++ struct credential c = CREDENTIAL_INIT;
++ int ret;
++
++ if (looks_like_command_line_option(url))
++ return -1;
++
++ ret = credential_from_url_gently(&c, url, 1);
++ credential_clear(&c);
++ return ret;
++}
++
+ struct fsck_gitmodules_data {
+ struct object *obj;
+ struct fsck_options *options;
+@@ -1006,7 +1020,7 @@ static int fsck_gitmodules_fn(const char *var, const char *value, void *vdata)
+ "disallowed submodule name: %s",
+ name);
+ if (!strcmp(key, "url") && value &&
+- looks_like_command_line_option(value))
++ check_submodule_url(value) < 0)
+ data->ret |= report(data->options, data->obj,
+ FSCK_MSG_GITMODULES_URL,
+ "disallowed submodule url: %s",
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index 5ba041f537..41431b1ac3 100755
+--- a/t/t7416-submodule-dash-url.sh
++++ b/t/t7416-submodule-dash-url.sh
+@@ -1,6 +1,6 @@
+ #!/bin/sh
+
+-test_description='check handling of .gitmodule url with dash'
++test_description='check handling of disallowed .gitmodule urls'
+ . ./test-lib.sh
+
+ test_expect_success 'create submodule with protected dash in url' '
+@@ -60,4 +60,20 @@ test_expect_success 'trailing backslash is handled correctly' '
+ test_i18ngrep ! "unknown option" err
+ '
+
++test_expect_success 'fsck rejects embedded newline in url' '
++ # create an orphan branch to avoid existing .gitmodules objects
++ git checkout --orphan newline &&
++ cat >.gitmodules <<-\EOF &&
++ [submodule "foo"]
++ url = "https://one.example.com?%0ahost=two.example.com/foo.git"
++ EOF
++ git add .gitmodules &&
++ git commit -m "gitmodules with newline" &&
++ test_when_finished "rm -rf dst" &&
++ git init --bare dst &&
++ git -C dst config transfer.fsckObjects true &&
++ test_must_fail git push dst HEAD 2>err &&
++ grep gitmodulesUrl err
++'
++
+ test_done
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/0044-Git-2.17.4.diff b/debian/patches/0044-Git-2.17.4.diff
new file mode 100644
index 0000000..4acaa70
--- /dev/null
+++ b/debian/patches/0044-Git-2.17.4.diff
@@ -0,0 +1,38 @@
+From 191fa298b66f2145f210573b4322bf61adbc303f Mon Sep 17 00:00:00 2001
+From: Junio C Hamano <gitster@pobox.com>
+Date: Tue, 17 Mar 2020 13:23:48 -0700
+Subject: Git 2.17.4
+
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit c42c0f12972194564f039dcf580d89ca14ae72d6)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ Documentation/RelNotes/2.17.4.txt | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+ create mode 100644 Documentation/RelNotes/2.17.4.txt
+
+diff --git a/Documentation/RelNotes/2.17.4.txt b/Documentation/RelNotes/2.17.4.txt
+new file mode 100644
+index 0000000000..7d794ca01a
+--- /dev/null
++++ b/Documentation/RelNotes/2.17.4.txt
+@@ -0,0 +1,16 @@
++Git v2.17.4 Release Notes
++=========================
++
++This release is to address the security issue: CVE-2020-5260
++
++Fixes since v2.17.3
++-------------------
++
++ * With a crafted URL that contains a newline in it, the credential
++ helper machinery can be fooled to give credential information for
++ a wrong host. The attack has been made impossible by forbidding
++ a newline character in any value passed via the credential
++ protocol.
++
++Credit for finding the vulnerability goes to Felix Wilhelm of Google
++Project Zero.
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/0045-Git-2.18.3.diff b/debian/patches/0045-Git-2.18.3.diff
new file mode 100644
index 0000000..8849138
--- /dev/null
+++ b/debian/patches/0045-Git-2.18.3.diff
@@ -0,0 +1,27 @@
+From d99d986e22c4a87bd55ab0fd50c2ca4e6a093b07 Mon Sep 17 00:00:00 2001
+From: Junio C Hamano <gitster@pobox.com>
+Date: Tue, 17 Mar 2020 13:34:12 -0700
+Subject: Git 2.18.3
+
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit 21a3e5016bb218dc9b016284c88ba685bc446b70)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ Documentation/RelNotes/2.18.3.txt | 5 +++++
+ 1 file changed, 5 insertions(+)
+ create mode 100644 Documentation/RelNotes/2.18.3.txt
+
+diff --git a/Documentation/RelNotes/2.18.3.txt b/Documentation/RelNotes/2.18.3.txt
+new file mode 100644
+index 0000000000..25143f0cec
+--- /dev/null
++++ b/Documentation/RelNotes/2.18.3.txt
+@@ -0,0 +1,5 @@
++Git v2.18.3 Release Notes
++=========================
++
++This release merges the security fix that appears in v2.17.4; see
++the release notes for that version for details.
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/0046-Git-2.19.4.diff b/debian/patches/0046-Git-2.19.4.diff
new file mode 100644
index 0000000..48cd3d8
--- /dev/null
+++ b/debian/patches/0046-Git-2.19.4.diff
@@ -0,0 +1,27 @@
+From 0e6e595cbdf95d46762a231bc6b5c9f222abb561 Mon Sep 17 00:00:00 2001
+From: Junio C Hamano <gitster@pobox.com>
+Date: Tue, 17 Mar 2020 13:37:37 -0700
+Subject: Git 2.19.4
+
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit a5979d7009017c79b0100b7b66e8567b3ad7b022)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ Documentation/RelNotes/2.19.4.txt | 5 +++++
+ 1 file changed, 5 insertions(+)
+ create mode 100644 Documentation/RelNotes/2.19.4.txt
+
+diff --git a/Documentation/RelNotes/2.19.4.txt b/Documentation/RelNotes/2.19.4.txt
+new file mode 100644
+index 0000000000..35d0ae561b
+--- /dev/null
++++ b/Documentation/RelNotes/2.19.4.txt
+@@ -0,0 +1,5 @@
++Git v2.19.4 Release Notes
++=========================
++
++This release merges the security fix that appears in v2.17.4; see
++the release notes for that version for details.
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/0047-Git-2.20.3.diff b/debian/patches/0047-Git-2.20.3.diff
new file mode 100644
index 0000000..0e65759
--- /dev/null
+++ b/debian/patches/0047-Git-2.20.3.diff
@@ -0,0 +1,41 @@
+From be0a1785e78fc2ce1ebdbb9039ec274a8a7ca53e Mon Sep 17 00:00:00 2001
+From: Junio C Hamano <gitster@pobox.com>
+Date: Tue, 17 Mar 2020 13:42:38 -0700
+Subject: Git 2.20.3
+
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+(cherry picked from commit d1259ce117d0714f1441956805612fb36d7ce7f8)
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+---
+ Documentation/RelNotes/2.20.3.txt | 5 +++++
+ GIT-VERSION-GEN | 2 +-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+ create mode 100644 Documentation/RelNotes/2.20.3.txt
+
+diff --git a/Documentation/RelNotes/2.20.3.txt b/Documentation/RelNotes/2.20.3.txt
+new file mode 100644
+index 0000000000..f6eccd103b
+--- /dev/null
++++ b/Documentation/RelNotes/2.20.3.txt
+@@ -0,0 +1,5 @@
++Git v2.20.3 Release Notes
++=========================
++
++This release merges the security fix that appears in v2.17.4; see
++the release notes for that version for details.
+diff --git a/GIT-VERSION-GEN b/GIT-VERSION-GEN
+index 492f3480f0..1482b4d75f 100755
+--- a/GIT-VERSION-GEN
++++ b/GIT-VERSION-GEN
+@@ -1,7 +1,7 @@
+ #!/bin/sh
+
+ GVF=GIT-VERSION-FILE
+-DEF_VER=v2.20.2
++DEF_VER=v2.20.3
+
+ LF='
+ '
+--
+2.26.0.292.g33ef6b2f38
+
diff --git a/debian/patches/series b/debian/patches/series
index b677e7e..8af0331 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -37,3 +37,11 @@
0037-t7415-adjust-test-for-dubiously-nested-submodule-gitd.diff
0038-submodule-defend-against-submodule.update-command-in-.diff
0039-Git-2.20.2.diff
+0040-credential-avoid-writing-values-with-newlines.diff
+0041-t-lib-credential-use-test_i18ncmp-to-check-stderr.diff
+0042-credential-detect-unrepresentable-values-when-parsing.diff
+0043-fsck-detect-gitmodules-URLs-with-embedded-newlines.diff
+0044-Git-2.17.4.diff
+0045-Git-2.18.3.diff
+0046-Git-2.19.4.diff
+0047-Git-2.20.3.diff
