[Bug 1713690] Re: Restore /usr/share/doc/contrib/diff-highlight/diff-highlight

[Launchpad Bug Tracker]

This bug was fixed in the package git - 1:2.17.1-1ubuntu0.3

---------------
git (1:2.17.1-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via submodule URLs and
    paths in .gitsubmodules.
    - 0001-submodule-helper-use-to-signal-end-of-clone-options.patch,
      0002-submodule-config-ban-submodule-urls-that-start-with-.patch,
      0003-submodule-config-ban-submodule-paths-that-start-with.patch:
      disallow urls and files that begin with '--'.
    - 0004-fsck-detect-submodule-urls-starting-with-dash.patch,
      0005-fsck-detect-submodule-paths-starting-with-dash.patch:
      reject gitmodules that contain submdule urls and files that begin
      with '--'.
    - CVE-2018-17456

git (1:2.17.1-1ubuntu0.2) bionic; urgency=medium

  * Build diff-highlight in the contrib dir (closes: #868871, LP:
#1713690)

 -- Steve Beattie <sbeattie at ubuntu.com>  Fri, 05 Oct 2018 16:27:58 -0700

** Changed in: git (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to git in Ubuntu.
https://bugs.launchpad.net/bugs/1713690

Title:
  Restore /usr/share/doc/contrib/diff-highlight/diff-highlight

Status in git package in Ubuntu:
  Fix Committed
Status in git source package in Bionic:
  Fix Released
Status in git package in Debian:
  New

Bug description:
  [ SRU Verification ]
  This is just a papercut, but diff-highlight was shipped built in the past (including in xenial), so dropping it in bionic was a regression.

  [ Regression Potential ]
  None, this is just shipping a built perl script in doc.

  [ Test Case ]
  Check that the file is now shipped and works when specified in the [pager] section as shown in the bug report.

  [ Original Report ]
  This was removed in my most recent upgrade on artful, 1:2.11.0-4 -> 1:2.14.1-1ubuntu3.

  This is particularly frustrating as it caused a bunch of git
  operations to start erroring for me, as I have the following in my
  .gitconfig:

  [pager]
   diff = perl /usr/share/doc/git/contrib/diff-highlight/diff-highlight | less
   log = perl /usr/share/doc/git/contrib/diff-highlight/diff-highlight | less
   show = perl /usr/share/doc/git/contrib/diff-highlight/diff-highlight | less

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1713690/+subscriptions