[ANNOUNCE] Git for Windows 2.50.1

Johannes Schindelin

Jul 8, 2025, 2:10:10 PM
to g...@vger.kernel.org, git-pa...@googlegroups.com
Dear Git users,

I hereby announce that Git for Windows 2.50.1 is available from:

https://gitforwindows.org/

Changes since Git for Windows v2.50.0(2) (July 1st 2025):

This is a security fix release, addressing CVE-2024-50349,
CVE-2024-52006, CVE-2025-27613, CVE-2025-27614, CVE-2025-46334,
CVE-2025-46835, CVE-2025-48384, CVE-2025-48385, and CVE-2025-48386.

New Features

* Comes with Git v2.50.1.

Bug Fixes

* CVE-2025-27613, Gitk: When a user clones an untrusted repository
and runs Gitk without additional command arguments, any writable
file can be created and truncated. The option "Support per-file
encoding" must have been enabled. The operation "Show origin of
this line" is affected as well, regardless of the option being
enabled or not.
* CVE-2025-27614, Gitk: A Git repository can be crafted in such a way
that a user who has cloned the repository can be tricked into
running any script supplied by the attacker by invoking gitk
filename, where filename has a particular structure.
* CVE-2025-46334, Git GUI (Windows only): A malicious repository can
ship versions of sh.exe or typical textconv filter programs such as
astextplain. On Windows, path lookup can find such executables in
the worktree. These programs are invoked when the user selects "Git
Bash" or "Browse Files" from the menu.
* CVE-2025-46835, Git GUI: When a user clones an untrusted repository
and is tricked into editing a file located in a maliciously named
directory in the repository, then Git GUI can create and overwrite
any writable file.
* CVE-2025-48384, Git: When reading a config value, Git strips any
trailing carriage return and line feed (CRLF). When writing a
config entry, values with a trailing CR are not quoted, causing the
CR to be lost when the config is later read. When initializing a
submodule, if the submodule path contains a trailing CR, the
altered path is read resulting in the submodule being checked out
to an incorrect location. If a symlink exists that points the
altered path to the submodule hooks directory, and the submodule
contains an executable post-checkout hook, the script may be
unintentionally executed after checkout.
* CVE-2025-48385, Git: When cloning a repository Git knows to
optionally fetch a bundle advertised by the remote server, which
allows the server-side to offload parts of the clone to a CDN. The
Git client does not perform sufficient validation of the advertised
bundles, which allows the remote side to perform protocol
injection. This protocol injection can cause the client to write
the fetched bundle to a location controlled by the adversary. The
fetched content is fully controlled by the server, which can in the
worst case lead to arbitrary code execution.
* CVE-2025-48386, Git: The wincred credential helper uses a static
buffer (target) as a unique key for storing and comparing against
internal storage. This credential helper does not properly bounds
check the available space remaining in the buffer before appending
to it with wcsncat(), leading to potential buffer overflows.

Note: As a courtesy, this release includes a last, unplanned, "after
warranty" 32-bit installer.

Ciao,
Johannes
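
The bounds check that the CVE-2025-48386 entry above says was missing, as an added example that is not part of the announcement and is not the wincred helper's or the Git project's code. The buffer size, the key layout and the names append_checked, build_target and LONG_HOST are assumptions made for illustration.

```c
#include <stdio.h>
#include <wchar.h>

#define TARGET_CAP 64               /* assumed size, in wide characters */
static wchar_t target[TARGET_CAP];  /* static key buffer, as in the entry */
/* Constructed sample input: a host name longer than the whole buffer. */
static const wchar_t LONG_HOST[] =
    L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.example";

/* Pattern to avoid: the count given to wcsncat() caps how much of src is
 * copied, not how much room dst has left, so this can write past the end:
 *     wcsncat(target, part, TARGET_CAP);                                  */

/* Append src to dst only when all of it, plus the terminator, fits. */
static int append_checked(wchar_t *dst, size_t cap, const wchar_t *src)
{
    const wchar_t *end = wmemchr(dst, L'\0', cap);
    if (!end) return -1;                /* dst is not terminated inside cap */
    size_t used = (size_t)(end - dst), need = wcslen(src);
    if (need >= cap - used) return -1;  /* need + 1 exceeds the space left */
    wmemcpy(dst + used, src, need + 1);
    return 0;
}

/* Build "git:<protocol>://<user>@<host>/<path>" (assumed key layout). */
static int build_target(wchar_t *dst, size_t cap, const wchar_t *protocol,
    const wchar_t *user, const wchar_t *host, const wchar_t *path)
{
    const wchar_t *parts[] = { L"git:", protocol, L"://", user,
                               L"@", host, L"/", path };
    if (cap == 0) return -1;
    dst[0] = L'\0';
    for (size_t i = 0; i < sizeof(parts) / sizeof(parts[0]); i++)
        if (append_checked(dst, cap, parts[i]) != 0) {
            dst[0] = L'\0';             /* fail closed: no truncated key */
            return -1;
        }
    return 0;
}

int main(void)
{
    int rc = build_target(target, TARGET_CAP, L"https", L"alice",
                          L"example.com", L"repo.git");
    printf("fits:     rc=%d key=%ls\n", rc, target);
    rc = build_target(target, TARGET_CAP, L"https", L"alice", LONG_HOST, L"repo.git");
    printf("too long: rc=%d key=%ls\n", rc, target);
    return 0;
}
```

Rejecting the oversized input and clearing the key, rather than truncating it, keeps a shortened key from matching a different stored credential.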