Re: [ANNOUNCE] Git v2.7.4 (and updates to older maintenance tracks)

From: Torsten BÃgershausen
Date: Fri Mar 18 2016 - 04:34:14 EST


> Git v2.7.4 Release Notes
> ========================
>
> Fixes since v2.7.3
> ------------------
>
> * Bugfix patches were backported from the 'master' front to plug heap
> corruption holes, to catch integer overflow in the computation of
> pathname lengths, and to get rid of the name_path API. Both of
> these would have resulted in writing over an under-allocated buffer
> when formulating pathnames while tree traversal.
>
> ----------------------------------------------------------------
>
> Changes since v2.7.3 are as follows:
>
> Jeff King (7):
> add helpers for detecting size_t overflow
> tree-diff: catch integer overflow in combine_diff_path allocation
> http-push: stop using name_path
> show_object_with_name: simplify by using path_name()
> list-objects: convert name_path to a strbuf
> list-objects: drop name_path entirely
> list-objects: pass full pathname to callbacks
>
If there is a new 2.7.x release, does it make sense to cherry-pick this one:

commit 7b6daf8d2fee1a9866b1d4eddbfaa5dbc42c5dbb
Author: Torsten Bögershausen <tboegi@xxxxxx>
Date: Sun Feb 28 21:09:44 2016 +0100

config.mak.uname: use clang for Mac OS X 10.6