From 1603d0ad622aeefb60a111c8083440b26c3a464b Mon Sep 17 00:00:00 2001 From: Mark Waite Date: Tue, 12 Jul 2022 11:45:48 -0600 Subject: [PATCH] Use MinGit 2.37.1 See the announcement at https://groups.google.com/g/git-for-windows/c/M-_QnmeLXuo/m/HXfg1blKAgAJ Changelog: https://github.com/git-for-windows/git/releases/tag/v2.37.1.windows.1 Fixes CVE-2022-31012 and CVE-2022-29187 CVE-2022-31012: https://github.com/git-for-windows/git/security/advisories/GHSA-gjrj-fxvp-hjj2 "Git for Windows' installer can be tricked into executing an untrusted binary" Since we don't use the Windows installer for git, we should not be vulnerable to this issue. CVE-2022-29187: Unpublished --- 11/windows/nanoserver-1809/Dockerfile | 2 +- 11/windows/windowsservercore-ltsc2019/Dockerfile | 2 +- 17/windows/nanoserver-1809/Dockerfile | 2 +- 17/windows/windowsservercore-ltsc2019/Dockerfile | 2 +- 8/windows/nanoserver-1809/Dockerfile | 2 +- 8/windows/windowsservercore-ltsc2019/Dockerfile | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/11/windows/nanoserver-1809/Dockerfile b/11/windows/nanoserver-1809/Dockerfile index 1fe69508b..39cd5244b 100644 --- a/11/windows/nanoserver-1809/Dockerfile +++ b/11/windows/nanoserver-1809/Dockerfile @@ -40,7 +40,7 @@ COPY --from=core $JAVA_HOME $JAVA_HOME SHELL ["pwsh.exe", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] USER ContainerAdministrator -ARG GIT_VERSION=2.37.0 +ARG GIT_VERSION=2.37.1 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` $url = $('https://github.com/git-for-windows/git/releases/download/v{0}.windows.{1}/MinGit-{0}-64-bit.zip' -f $env:GIT_VERSION, $env:GIT_PATCH_VERSION) ; ` diff --git a/11/windows/windowsservercore-ltsc2019/Dockerfile b/11/windows/windowsservercore-ltsc2019/Dockerfile index 25c260418..f574b9ca9 100644 --- a/11/windows/windowsservercore-ltsc2019/Dockerfile +++ b/11/windows/windowsservercore-ltsc2019/Dockerfile @@ -26,7 +26,7 @@ FROM eclipse-temurin:11.0.15_10-jdk-windowsservercore-1809 SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GIT_VERSION=2.37.0 +ARG GIT_VERSION=2.37.1 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` $url = $('https://github.com/git-for-windows/git/releases/download/v{0}.windows.{1}/MinGit-{0}-64-bit.zip' -f $env:GIT_VERSION, $env:GIT_PATCH_VERSION) ; ` diff --git a/17/windows/nanoserver-1809/Dockerfile b/17/windows/nanoserver-1809/Dockerfile index dd6bb3a46..4eef1d15c 100644 --- a/17/windows/nanoserver-1809/Dockerfile +++ b/17/windows/nanoserver-1809/Dockerfile @@ -40,7 +40,7 @@ COPY --from=core $JAVA_HOME $JAVA_HOME SHELL ["pwsh.exe", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] USER ContainerAdministrator -ARG GIT_VERSION=2.37.0 +ARG GIT_VERSION=2.37.1 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` $url = $('https://github.com/git-for-windows/git/releases/download/v{0}.windows.{1}/MinGit-{0}-64-bit.zip' -f $env:GIT_VERSION, $env:GIT_PATCH_VERSION) ; ` diff --git a/17/windows/windowsservercore-ltsc2019/Dockerfile b/17/windows/windowsservercore-ltsc2019/Dockerfile index 058fe0e7f..a1839c182 100644 --- a/17/windows/windowsservercore-ltsc2019/Dockerfile +++ b/17/windows/windowsservercore-ltsc2019/Dockerfile @@ -26,7 +26,7 @@ FROM eclipse-temurin:17.0.3_7-jdk-windowsservercore-1809 SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GIT_VERSION=2.37.0 +ARG GIT_VERSION=2.37.1 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` $url = $('https://github.com/git-for-windows/git/releases/download/v{0}.windows.{1}/MinGit-{0}-64-bit.zip' -f $env:GIT_VERSION, $env:GIT_PATCH_VERSION) ; ` diff --git a/8/windows/nanoserver-1809/Dockerfile b/8/windows/nanoserver-1809/Dockerfile index b723a05d3..836f0fb5f 100644 --- a/8/windows/nanoserver-1809/Dockerfile +++ b/8/windows/nanoserver-1809/Dockerfile @@ -40,7 +40,7 @@ COPY --from=core $JAVA_HOME $JAVA_HOME SHELL ["pwsh.exe", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] USER ContainerAdministrator -ARG GIT_VERSION=2.37.0 +ARG GIT_VERSION=2.37.1 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` $url = $('https://github.com/git-for-windows/git/releases/download/v{0}.windows.{1}/MinGit-{0}-64-bit.zip' -f $env:GIT_VERSION, $env:GIT_PATCH_VERSION) ; ` diff --git a/8/windows/windowsservercore-ltsc2019/Dockerfile b/8/windows/windowsservercore-ltsc2019/Dockerfile index 51ee1de8d..76855730c 100644 --- a/8/windows/windowsservercore-ltsc2019/Dockerfile +++ b/8/windows/windowsservercore-ltsc2019/Dockerfile @@ -26,7 +26,7 @@ FROM eclipse-temurin:8u332-b09-jdk-windowsservercore-1809 SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GIT_VERSION=2.37.0 +ARG GIT_VERSION=2.37.1 ARG GIT_PATCH_VERSION=1 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` $url = $('https://github.com/git-for-windows/git/releases/download/v{0}.windows.{1}/MinGit-{0}-64-bit.zip' -f $env:GIT_VERSION, $env:GIT_PATCH_VERSION) ; `