<div class="container">
<h1>Security update for git</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:20721-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-09-22T08:52:53Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>critical</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212476">bsc#1212476</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219660">bsc#1219660</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1235600">bsc#1235600</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1235601">bsc#1235601</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1239989">bsc#1239989</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245938">bsc#1245938</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245939">bsc#1245939</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245942">bsc#1245942</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245943">bsc#1245943</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245946">bsc#1245946</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245947">bsc#1245947</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-24577.html">CVE-2024-24577</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-50349.html">CVE-2024-50349</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-52006.html">CVE-2024-52006</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-27613.html">CVE-2025-27613</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-27614.html">CVE-2025-27614</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-46334.html">CVE-2025-46334</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-46835.html">CVE-2025-46835</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-48384.html">CVE-2025-48384</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-48385.html">CVE-2025-48385</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-48386.html">CVE-2025-48386</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-24577</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">8.6</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-24577</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">9.8</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-50349</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.1</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-50349</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">2.1</span>
<span class="cvss-vector">CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-52006</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.3</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-52006</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">2.1</span>
<span class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-27613</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.7</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-27613</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-27613</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">3.6</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-27614</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.1</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-27614</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-27614</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">8.6</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-46334</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">8.6</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-46835</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.7</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-46835</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-46835</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">8.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48384</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.3</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48384</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48384</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">8.0</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48385</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">8.5</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48385</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.8</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48385</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">8.6</span>
<span class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48386</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.8</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48386</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.5</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-48386</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">6.3</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">SUSE Linux Micro 6.0</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves 10 vulnerabilities and has one fix can now be installed.</p>
<h2>Description:</h2>
<p>This update for git fixes the following issues:</p>
<ul>
<li>
<p>Update to 2.51.0</p>
</li>
<li>
<p>UI, Workflows & Features</p>
<ul>
<li>Userdiff patterns for the R language have been added.</li>
<li>Documentation for "git send-email" has been updated with a
bit more credential helper and OAuth information.</li>
<li>"git cat-file --batch" learns to understand %(objectmode)
atom to allow the caller to tell missing objects (due to
repository corruption) and submodules (whose commit objects
are OK to be missing) apart.</li>
<li>"git diff --no-index dirA dirB" can limit the comparison with
pathspec at the end of the command line, just like normal
"git diff".</li>
<li>"git subtree" (in contrib/) learned to grok GPG signing its
commits.</li>
<li>"git whatchanged" that is longer to type than "git log --raw"
which is its modern rough equivalent has outlived its
usefulness more than 10 years ago. Plan to deprecate and
remove it.</li>
<li>An interchange format for stash entries is defined, and
subcommand of "git stash" to import/export has been added.</li>
<li>"git merge/pull" has been taught the "--compact-summary"
option to use the compact-summary format, intead of diffstat,
when showing the summary of the incoming changes.</li>
<li>"git imap-send" has been broken for a long time, which has
been resurrected and then taught to talk OAuth2.0 etc.</li>
<li>Some error messages from "git imap-send" has been updated.</li>
<li>When "git daemon" sees a signal while attempting to accept()
a new client, instead of retrying, it skipped it by mistake,
which has been corrected.</li>
<li>The reftable ref backend has matured enough; Git 3.0 will
make it the default format in a newly created repositories by
default.</li>
<li>"netrc" credential helper has been improved to understand
textual service names (like smtp) in addition to the numeric
port numbers (like 25).</li>
<li>Lift the limitation to use changed-path filter in "git log"
so that it can be used for a pathspec with multiple literal
paths.</li>
<li>Clean up the way how signature on commit objects are exported
to and imported from fast-import stream.</li>
<li>Remove unsupported, unused, and unsupportable old option from
"git log".</li>
<li>Document recently added "git imap-send --list" with an
example.</li>
<li>"git pull" learned to pay attention to pull.autostash
configuration variable, which overrides
rebase/merge.autostash.</li>
<li>"git for-each-ref" learns "--start-after" option to help
applications that want to page its output.</li>
<li>"git switch" and "git restore" are declared to be no longer
experimental.</li>
<li>"git -c alias.foo=bar foo -h baz" reported "'foo' is aliased
to 'bar'" and then went on to run "git foo -h baz", which was
unexpected. Tighten the rule so that alias expansion is
reported only when "-h" is the sole option.</li>
</ul>
</li>
<li>
<p>Performance, Internal Implementation, Development Support etc.</p>
<ul>
<li>"git pack-objects" learned to find delta bases from blobs at
the same path, using the --path-walk API.</li>
<li>CodingGuidelines update.</li>
<li>Add settings for Solaris 10 & 11.</li>
<li>Meson-based build/test framework now understands TAP output
generated by our tests.</li>
<li>"Do not explicitly initialize to zero" rule has been
clarified in the CodingGuidelines document.</li>
<li>A test helper "test_seq" function learned the "-f <fmt>"
option, which allowed us to simplify a lot of test scripts.</li>
<li>A lot of stale stuff has been removed from the contrib/
hierarchy.</li>
<li>"git push" and "git fetch" are taught to update refs in
batches to gain performance.</li>
<li>Some code paths in "git prune" used to ignore the passed-in
repository object and used the <code>the_repository</code> singleton
instance instead, which has been corrected.</li>
<li>Update ".clang-format" and ".editorconfig" to match our style
guide a bit better.</li>
<li>"make coccicheck" succeeds even when spatch made suggestions,
which has been updated to fail in such a case.</li>
<li>Code clean-up around object access API.</li>
<li>Define .precision to more canned parse-options type to avoid
bugs coming from using a variable with a wrong type to
capture the parsed values.</li>
<li>Flipping the default hash function to SHA-256 at Git 3.0
boundary is planned.</li>
<li>Declare weather-balloon we raised for "bool" type 18 months
ago a success and officially allow using the type in our
codebase.</li>
<li>GIT_TEST_INSTALLED was not honored in the recent topic
related to SHA256 hashes, which has been corrected.</li>
<li>The pop_most_recent_commit() function can have quite
expensive worst case performance characteristics, which has
been optimized by using prio-queue data structure.</li>
<li>Move structure definition from unrelated header file to where
it belongs.</li>
<li>To help our developers, document what C99 language features
are being considered for adoption, in addition to what past
experiments have already decided.</li>
<li>The reftable unit tests are now ported to the "clar" unit
testing framework.</li>
<li>Redefine where the multi-pack-index sits in the object
subsystem, which recently was restructured to allow multiple
backends that support a single object source that belongs to
one repository. A MIDX does span multiple "object sources".</li>
<li>Reduce implicit assumption and dependence on the_repository
in the object-file subsystem.</li>
</ul>
</li>
<li>
<p>Fixes since v2.50 Unless otherwise noted, all the changes in
2.50.X maintenance track, including security updates, are
included in this release.</p>
<ul>
<li>A memory-leak in an error code path has been plugged.</li>
<li>Some leftover references to documentation source files that
no longer exist, due to recent ".txt" -> ".adoc" renaming,
have been corrected.</li>
<li>"git stash -p <pathspec>" improvements. </li>
<li>"git send-email" incremented its internal message counter
when a message was edited, which made logic that treats the
first message specially misbehave, which has been corrected.</li>
<li>"git stash" recorded a wrong branch name when submodules are
present in the current checkout, which has been corrected.</li>
<li>When asking to apply mailmap to both author and committer
field while showing a commit object, the field that appears
later was not correctly parsed and replaced, which has been
corrected.</li>
<li>"git maintenance" lacked the care "git gc" had to avoid
holding onto the repository lock for too long during packing
refs, which has been remedied.</li>
<li>Avoid regexp_constraint and instead use comparison_constraint
when listing functions to exclude from application of
coccinelle rules, as spatch can be built with different
regexp engine X-<.</li>
<li>Updating submodules from the upstream did not work well when
submodule's HEAD is detached, which has been improved. </li>
<li>Remove unnecessary check from "git daemon" code. (merge
0c856224d2 cb/daemon-fd-check-fix later to maint).</li>
<li>Use of sysctl() system call to learn the total RAM size used
on BSDs has been corrected.</li>
<li>Drop FreeBSD 4 support and declare that we support only
FreeBSD 12 or later, which has memmem() supported.</li>
<li>A diff-filter with negative-only specification like "git log
--diff-filter=d" did not trigger correctly, which has been
fixed.</li>
<li>A failure to open the index file for writing due to
conflicting access did not state what went wrong, which has
been corrected.</li>
<li>Tempfile removal fix in the codepath to sign commits with SSH
keys.</li>
<li>Code and test clean-up around string-list API.</li>
<li>"git apply -N" should start from the current index and
register only new files, but it instead started from an empty
index, which has been corrected.</li>
<li>Leakfix with a new and a bit invasive test on pack-bitmap
files.</li>
<li>"git fetch --prune" used to be O(n^2) expensive when there
are many refs, which has been corrected.</li>
<li>When a ref creation at refs/heads/foo/bar fails, the files
backend now removes refs/heads/foo/ if the directory is
otherwise not used.</li>
<li>"pack-objects" has been taught to avoid pointing into objects
in cruft packs from midx.</li>
<li>"git remote" now detects remote names that overlap with each
other (e.g., remote nickname "outer" and "outer/inner" are
used at the same time), as it will lead to overlapping
remote-tracking branches.</li>
<li>The gpg.program configuration variable, which names a
pathname to the (custom) GPG compatible program, can now be
spelled with ~tilde expansion.</li>
<li>Our <sane-ctype.h> header file relied on that the
system-supplied <ctype.h> header is not later included, which
would override our macro definitions, but "amazon linux"
broke this assumption. Fix this by preemptively including
<ctype.h> near the beginning of <sane-ctype.h> ourselves.
(merge 9d3b33125f ps/sane-ctype-workaround later to maint).</li>
<li>Clean-up compat/bswap.h mess. (merge f4ac32c03a
ss/compat-bswap-revamp later to maint).</li>
<li>Meson-based build did not handle libexecdir setting
correctly, which has been corrected. (merge 056dbe8612
rj/meson-libexecdir-fix later to maint).</li>
<li>Document that we do not require "real" name when signing your
patches off. (merge 1f0fed312a
bc/contribution-under-non-real-names later to maint).</li>
<li>"git commit" that concludes a conflicted merge failed to
notice and remove existing comment added automatically (like
"# Conflicts:") when the core.commentstring is set to 'auto'.
(merge 92b7c7c9f5 ac/auto-comment-char-fix later to maint).</li>
<li>"git rebase -i" with bogus rebase.instructionFormat
configuration failed to produce the todo file after recording
the state files, leading to confused "git status"; this has
been corrected. (merge ade14bffd7
ow/rebase-verify-insn-fmt-before-initializing-state later to
maint).</li>
<li>A few file descriptors left unclosed upon program completion
in a few test helper programs are now closed. (merge
0f1b33815b hl/test-helper-fd-close later to maint).</li>
<li>Interactive prompt code did not correctly strip CRLF from the
end of line on Windows. (merge 711a20827b js/prompt-crlf-fix
later to maint).</li>
<li>The config API had a set of convenience wrapper functions
that implicitly use the_repository instance; they have been
removed and inlined at the calling sites.</li>
<li>"git add/etc -p" now honor the diff.context configuration
variable, and also they learn to honor the -U<n> command-line
option. (merge 2b3ae04011 lm/add-p-context later to maint).</li>
<li>The case where a new submodule takes a path where there used
to be a completely different subproject is now dealt with a
bit better than before. (merge 5ed8c5b465
kj/renamed-submodule later to maint).</li>
<li>The deflate codepath in "git archive --format=zip" had a
longstanding bug coming from misuse of zlib API, which has
been corrected.</li>
</ul>
</li>
<li>
<p>Update to 2.50.1:</p>
</li>
<li>
<p>CVE-2025-27613: Fixed arbitrary writable file creation and
truncation in Gitk (bsc#1245938)</p>
</li>
<li>CVE-2025-27614: Fixed arbitrary script execution via repo
clonation in gitk (bsc#1245939)</li>
<li>CVE-2025-46835: Fixed untrusted repository cloning leading
to arbitrary writable file creation in Git GUI (bsc#1245942)</li>
<li>CVE-2025-48384: Fixed CRLF transforming (bsc#1245943)</li>
<li>CVE-2025-48385: Fixed arbitrary code execution due to protocol
injection (bsc#1245946)</li>
<li>
<p>CVE-2025-48386: Fixed buffer overflow in static buffer (bsc#1245947)</p>
</li>
<li>
<p>Update to 2.48.1:</p>
</li>
<li>
<p>CVE-2024-50349: Fixed password leak (bsc#1235600)</p>
</li>
<li>
<p>CVE-2024-52006: Fixed Carriage Returns via the credential
protocol to credential helpers (bsc#1235601)</p>
</li>
<li>
<p>Update to 2.48.0:</p>
</li>
<li>
<p>Reference consistency checks: git refs verify</p>
</li>
<li>Reflogs can now be migrated with git refs migrate</li>
<li>git is free of memory leaks as covered by the test suite</li>
<li>
<p>Performance improvements</p>
</li>
<li>
<p>Update to 2.47.1:</p>
</li>
<li>
<p>Use after free and double freeing at the end in
"git log -L... -p" had been identified and fixed.</p>
</li>
<li>"git maintenance start" crashed due to an uninitialized
variable reference, which has been corrected.</li>
<li>Fail gracefully instead of crashing when attempting to write
the contents of a corrupt in-core index as a tree object.</li>
<li>A "git fetch" from the superproject going down to a submodule
used a wrong remote when the default remote names are set
differently between them.</li>
<li>
<p>The "gitk" project tree has been synchronized again</p>
</li>
<li>
<p>Update to 2.47.0:</p>
</li>
<li>
<p>A few descriptions in "git show-ref -h" have been clarified.</p>
</li>
<li>A 'P' command to "git add -p" that passes the patch hunk to the
pager has been added.</li>
<li>"git grep -W" omits blank lines that follow the found function at
the end of the file, just like it omits blank lines before the next
function.</li>
<li>The value of http.proxy can have "path" at the end for a socks
proxy that listens to a unix-domain socket, but we started to
discard it when we taught proxy auth code path to use the
credential helpers, which has been corrected.</li>
<li>The code paths to compact multiple reftable files have been updated
to correctly deal with multiple compaction triggering at the same
time.</li>
<li>Support to specify ref backend for submodules has been enhanced.</li>
<li>"git svn" has been taught about svn:global-ignores property
recent versions of Subversion has.</li>
<li>The default object hash and ref backend format used to be settable
only with explicit command line option to "git init" and
environment variables, but now they can be configured in the user's
global and system wide configuration.</li>
<li>"git send-email" learned "--translate-aliases" option that reads
addresses from the standard input and emits the result of applying
aliases on them to the standard output.</li>
<li>'git for-each-ref' learned a new "--format" atom to find the branch
that the history leading to a given commit "%(is-base:<commit>)" is
likely based on.</li>
<li>The command line prompt support used to be littered with bash-isms,
which has been corrected to work with more shells.</li>
<li>Support for the RUNTIME_PREFIX feature has been added to z/OS port.</li>
<li>"git send-email" learned "--mailmap" option to allow rewriting the
recipient addresses.</li>
<li>"git mergetool" learned to use VSCode as a merge backend.</li>
<li>"git pack-redundant" has been marked for removal in Git 3.0.</li>
<li>One-line messages to "die" and other helper functions will get LF
added by these helper functions, but many existing messages had an
unnecessary LF at the end, which have been corrected.</li>
<li>The "scalar clone" command learned the "--no-tags" option.</li>
<li>The environment GIT_ADVICE has been intentionally kept undocumented
to discourage its use by interactive users. Add documentation to
help tool writers.</li>
<li>
<p>"git apply --3way" learned to take "--ours" and other options.</p>
</li>
<li>
<p>Update to version 2.46.2:</p>
</li>
<li>
<p>Revert the "git patch-id" change that went into 2.46.1,
as it seems to have got a regression reported (I haven't verified,
but it is better to keep a known breakage than adding an unintended
regression).</p>
</li>
<li>In a few corner cases "git diff --exit-code" failed to report
"changes" (e.g., renamed without any content change), which has
been corrected.</li>
<li>
<p>The interpret-trailers command failed to recognise the end of the
message when the commit log ends in an incomplete line.</p>
</li>
<li>
<p>Update to version 2.46.1;</p>
</li>
<li>
<p>"git checkout --ours" (no other arguments) complained that the
option is incompatible with branch switching, which is technically
correct, but found confusing by some users. It now says that the
user needs to give pathspec to specify what paths to checkout.</p>
</li>
<li>It has been documented that we avoid "VAR=VAL shell_func" and why.</li>
<li>"git add -p" by users with diff.suppressBlankEmpty set to true
failed to parse the patch that represents an unmodified empty line
with an empty line (not a line with a single space on it), which
has been corrected.</li>
<li>"git rebase --help" referred to "offset" (the difference between
the location a change was taken from and the change gets replaced)
incorrectly and called it "fuzz", which has been corrected.</li>
<li>"git notes add -m '' --allow-empty" and friends that take prepared
data to create notes should not invoke an editor, but it started
doing so since Git 2.42, which has been corrected.</li>
<li>An expensive operation to prepare tracing was done in re-encoding
code path even when the tracing was not requested, which has been
corrected.</li>
<li>Perforce tests have been updated.</li>
<li>The credential helper to talk to OSX keychain sometimes sent
garbage bytes after the username, which has been corrected.</li>
<li>A recent update broke "git ls-remote" used outside a repository,
which has been corrected.</li>
<li>"git config --value=foo --fixed-value section.key newvalue" barfed
when the existing value in the configuration file used the
valueless true syntax, which has been corrected.</li>
<li>"git reflog expire" failed to honor annotated tags when computing
reachable commits.</li>
<li>A flakey test and incorrect calls to strtoX() functions have been
fixed.</li>
<li>Follow-up on 2.45.1 regression fix.</li>
<li>"git rev-list ... | git diff-tree -p --remerge-diff --stdin" should
behave more or less like "git log -p --remerge-diff" but instead it
crashed, forgetting to prepare a temporary object store needed.</li>
<li>The patch parser in "git patch-id" has been tightened to avoid
getting confused by lines that look like a patch header in the log
message.</li>
<li>"git bundle unbundle" outside a repository triggered a BUG()
unnecessarily, which has been corrected.</li>
<li>The code forgot to discard unnecessary in-core commit buffer data
for commits that "git log --skip=<number>" traversed but omitted
from the output, which has been corrected.</li>
<li>"git verify-pack" and "git index-pack" started dying outside a
repository, which has been corrected.</li>
<li>
<p>A corner case bug in "git stash" was fixed.</p>
</li>
<li>
<p>Change less requirement to path to allow for use with BusyBox</p>
</li>
<li>
<p>Update to 2.46.0</p>
</li>
</ul>
<p>UI, Workflows & Features
* The "--rfc" option of "git format-patch" learned to take an
optional string value to be used in place of "RFC" to tweak the
"[PATCH]" on the subject header.
* The credential helper protocol, together with the HTTP layer, have
been enhanced to support authentication schemes different from
username & password pair, like Bearer and NTLM.
* Command line completion script (in contrib/) learned to complete
"git symbolic-ref" a bit better (you need to enable plumbing
commands to be completed with GIT_COMPLETION_SHOW_ALL_COMMANDS).
* When the user responds to a prompt given by "git add -p" with an
unsupported command, list of available commands were given, which
was too much if the user knew what they wanted to type but merely
made a typo. Now the user gets a much shorter error message.
* The color parsing code learned to handle 12-bit RGB colors, spelled
as "#RGB" (in addition to "#RRGGBB" that is already supported).
* The operation mode options (like "--get") the "git config" command
uses have been deprecated and replaced with subcommands (like "git
config get").
* "git tag" learned the "--trailer" option to futz with the trailers
in the same way as "git commit" does.
* A new global "--no-advice" option can be used to disable all advice
messages, which is meant to be used only in scripts.
* Updates to symbolic refs can now be made as a part of ref
transaction.
* The trailer API has been reshuffled a bit.
* Terminology to call various ref-like things are getting
straightened out.
* The command line completion script (in contrib/) has been adjusted
to the recent update to "git config" that adopted subcommand based
UI.
* The knobs to tweak how reftable files are written have been made
available as configuration variables.
* When "git push" notices that the commit at the tip of the ref on
the other side it is about to overwrite does not exist locally, it
used to first try fetching it if the local repository is a partial
clone. The command has been taught not to do so and immediately
fail instead.
* The promisor.quiet configuration knob can be set to true to make
lazy fetching from promisor remotes silent.
* The inter/range-diff output has been moved to the end of the patch
when format-patch adds it to a single patch, instead of writing it
before the patch text, to be consistent with what is done for a
cover letter for a multi-patch series.
* A new command has been added to migrate a repository that uses the
files backend for its ref storage to use the reftable backend, with
limitations.
* "git diff --exit-code --ext-diff" learned to take the exit status
of the external diff driver into account when deciding the exit
status of the overall "git diff" invocation when configured to do
so.
* "git update-ref --stdin" learned to handle transactional updates of
symbolic-refs.
* "git format-patch --interdiff" for multi-patch series learned to
turn on cover letters automatically (unless told never to enable
cover letter with "--no-cover-letter" and such).
* The "--heads" option of "ls-remote" and "show-ref" has been been
deprecated; "--branches" replaces "--heads".
* For over a year, setting add.interactive.useBuiltin configuration
variable did nothing but giving a "this does not do anything"
warning. The warning has been removed.
* The http transport can now be told to send request with
authentication material without first getting a 401 response.
* A handful of entries are added to the GitFAQ document.
* "git var GIT_SHELL_PATH" should report the path to the shell used
to spawn external commands, but it didn't do so on Windows, which
has been corrected.
Performance, Internal Implementation, Development Support etc.
* Advertise "git contacts", a tool for newcomers to find people to
ask review for their patches, a bit more in our developer
documentation.
* In addition to building the objects needed, try to link the objects
that are used in fuzzer tests, to make sure at least they build
without bitrot, in Linux CI runs.
* Code to write out reftable has seen some optimization and
simplification.
* Tests to ensure interoperability between reftable written by jgit
and our code have been added and enabled in CI.
* The singleton index_state instance "the_index" has been eliminated
by always instantiating "the_repository" and replacing references
to "the_index" with references to its .index member.
* Git-GUI has a new maintainer, Johannes Sixt.
* The "test-tool" has been taught to run testsuite tests in parallel,
bypassing the need to use the "prove" tool.
* The "whitespace check" task that was enabled for GitHub Actions CI
has been ported to GitLab CI.
* The refs API lost functions that implicitly assumes to work on the
primary ref_store by forcing the callers to pass a ref_store as an
argument.
* Code clean-up to reduce inter-function communication inside
builtin/config.c done via the use of global variables.
* The pack bitmap code saw some clean-up to prepare for a follow-up topic.
* Preliminary code clean-up for "git send-email".
* The default "creation-factor" used by "git format-patch" has been
raised to make it more aggressively find matching commits.
* Before discovering the repository details, We used to assume SHA-1
as the "default" hash function, which has been corrected. Hopefully
this will smoke out codepaths that rely on such an unwarranted
assumptions.
* The project decision making policy has been documented.
* The strcmp-offset tests have been rewritten using the unit test
framework.
* "git add -p" learned to complain when an answer with more than one
letter is given to a prompt that expects a single letter answer.
* The alias-expanded command lines are logged to the trace output.
* A new test was added to ensure git commands that are designed to
run outside repositories do work.
* A few tests in reftable library have been rewritten using the
unit test framework.
* A pair of test helpers that essentially are unit tests on hash
algorithms have been rewritten using the unit-tests framework.
* A test helper that essentially is unit tests on the "decorate"
logic has been rewritten using the unit-tests framework.
* Many memory leaks in the sparse-checkout code paths have been
plugged.
* "make check-docs" noticed problems and reported to its output but
failed to signal its findings with its exit status, which has been
corrected.
* Building with "-Werror -Wwrite-strings" is now supported.
* To help developers, the build procedure now allows builders to use
CFLAGS_APPEND to specify additional CFLAGS.
* "oidtree" tests were rewritten to use the unit test framework.
* The structure of the document that records longer-term project
decisions to deprecate/remove/update various behaviour has been
outlined.
* The pseudo-merge reachability bitmap to help more efficient storage
of the reachability bitmap in a repository with too many refs has
been added.
* When "git merge" sees that the index cannot be refreshed (e.g. due
to another process doing the same in the background), it died but
after writing MERGE_HEAD etc. files, which was useless for the
purpose to recover from the failure.
* The output from "git cat-file --batch-check" and "--batch-command
(info)" should not be unbuffered, for which some tests have been
added.
* A CPP macro USE_THE_REPOSITORY_VARIABLE is introduced to help
transition the codebase to rely less on the availability of the
singleton the_repository instance.
* "git version --build-options" reports the version information of
OpenSSL and other libraries (if used) in the build.
* Memory ownership rules for the in-core representation of
remote.*.url configuration values have been straightened out, which
resulted in a few leak fixes and code clarification.
* When bundleURI interface fetches multiple bundles, Git failed to
take full advantage of all bundles and ended up slurping duplicated
objects, which has been corrected.
* The code to deal with modified paths that are out-of-cone in a
sparsely checked out working tree has been optimized.
* An existing test of oidmap API has been rewritten with the
unit-test framework.
* The "ort" merge backend saw one bugfix for a crash that happens
when inner merge gets killed, and assorted code clean-ups.
* A new warning message is issued when a command has to expand a
sparse index to handle working tree cruft that are outside of the
sparse checkout.
* The test framework learned to take the test body not as a single
string but as a here-document.
* "git push '' HEAD:there" used to hit a BUG(); it has been corrected
to die with "fatal: bad repository ''".
* What happens when http.cookieFile gets the special value "" has
been clarified in the documentation.
Fixes
* "git rebase --signoff" used to forget that it needs to add a
sign-off to the resulting commit when told to continue after a
conflict stops its operation.
* The procedure to build multi-pack-index got confused by the
replace-refs mechanism, which has been corrected by disabling the
latter.
* The "-k" and "--rfc" options of "format-patch" will now error out
when used together, as one tells us not to add anything to the
title of the commit, and the other one tells us to add "RFC" in
addition to "PATCH".
* "git stash -S" did not handle binary files correctly, which has
been corrected.
* A scheduled "git maintenance" job is expected to work on all
repositories it knows about, but it stopped at the first one that
errored out. Now it keeps going.
* zsh can pretend to be a normal shell pretty well except for some
glitches that we tickle in some of our scripts. Work them around
so that "vimdiff" and our test suite works well enough with it.
* Command line completion support for zsh (in contrib/) has been
updated to stop exposing internal state to end-user shell
interaction.
* Tests that try to corrupt in-repository files in chunked format did
not work well on macOS due to its broken "mv", which has been
worked around.
* The maximum size of attribute files is enforced more consistently.
* Unbreak CI jobs so that we do not attempt to use Python 2 that has
been removed from the platform.
* Git 2.43 started using the tree of HEAD as the source of attributes
in a bare repository, which has severe performance implications.
For now, revert the change, without ripping out a more explicit
support for the attr.tree configuration variable.
* The "--exit-code" option of "git diff" command learned to work with
the "--ext-diff" option.
* Windows CI running in GitHub Actions started complaining about the
order of arguments given to calloc(); the imported regex code uses
the wrong order almost consistently, which has been corrected.
* Expose "name conflict" error when a ref creation fails due to D/F
conflict in the ref namespace, to improve an error message given by
"git fetch".
(merge 9339fca23e it/refs-name-conflict later to maint).
* The SubmittingPatches document now refers folks to manpages
translation project.
* The documentation for "git diff --name-only" has been clarified
that it is about showing the names in the post-image tree.
* The credential helper that talks with osx keychain learned to avoid
storing back the authentication material it just got received from
the keychain.
(merge e1ab45b2da kn/osxkeychain-skip-idempotent-store later to maint).
* The chainlint script (invoked during "make test") did nothing when
it failed to detect the number of available CPUs. It now falls
back to 1 CPU to avoid the problem.
* Revert overly aggressive "layered defence" that went into 2.45.1
and friends, which broke "git-lfs", "git-annex", and other use
cases, so that we can rebuild necessary counterparts in the open.
* "git init" in an already created directory, when the user
configuration has includeif.onbranch, started to fail recently,
which has been corrected.
* Memory leaks in "git mv" has been plugged.
* The safe.directory configuration knob has been updated to
optionally allow leading path matches.
* An overly large ".gitignore" files are now rejected silently.
* Upon expiration event, the credential subsystem forgot to clear
in-core authentication material other than password (whose support
was added recently), which has been corrected.
* Fix for an embarrassing typo that prevented Python2 tests from running
anywhere.
* Varargs functions that are unannotated as printf-like or execl-like
have been annotated as such.
* "git am" has a safety feature to prevent it from starting a new
session when there already is a session going. It reliably
triggers when a mbox is given on the command line, but it has to
rely on the tty-ness of the standard input. Add an explicit way to
opt out of this safety with a command line option.
(merge 62c71ace44 jk/am-retry later to maint).
* A leak in "git imap-send" that somehow escapes LSan has been
plugged.
* Setting core.abbrev too early before the repository set-up
(typically in "git clone") caused segfault, which as been
corrected.
* When the user adds to "git rebase -i" instruction to "pick" a merge
commit, the error experience is not pleasant. Such an error is now
caught earlier in the process that parses the todo list.
* We forgot to normalize the result of getcwd() to NFC on macOS where
all other paths are normalized, which has been corrected. This still
does not address the case where core.precomposeUnicode configuration
is not defined globally.
* Earlier we stopped using the tree of HEAD as the default source of
attributes in a bare repository, but failed to document it. This
has been corrected.
* "git update-server-info" and "git commit-graph --write" have been
updated to use the tempfile API to avoid leaving cruft after
failing.
* An unused extern declaration for mingw has been removed to prevent
it from causing build failure.
* A helper function shared between two tests had a copy-paste bug,
which has been corrected.
* "git fetch-pack -k -k" without passing "--lock-pack" (which we
never do ourselves) did not work at all, which has been corrected.
* CI job to build minimum fuzzers learned to pass NO_CURL=NoThanks to
the build procedure, as its build environment does not offer, or
the rest of the build needs, anything cURL.
(merge 4e66b5a990 jc/fuzz-sans-curl later to maint).
* "git diff --no-ext-diff" when diff.external is configured ignored
the "--color-moved" option.
(merge 0f4b0d4cf0 rs/diff-color-moved-w-no-ext-diff-fix later to maint).
* "git archive --add-virtual-file=<path>:<contents>" never paid
attention to the --prefix=<prefix> option but the documentation
said it would. The documentation has been corrected.
(merge 72c282098d jc/archive-prefix-with-add-virtual-file later to maint).
* When GIT_PAGER failed to spawn, depending on the code path taken,
we failed immediately (correct) or just spew the payload to the
standard output (incorrect). The code now always fail immediately
when GIT_PAGER fails.
(merge 78f0a5d187 rj/pager-die-upon-exec-failure later to maint).
* date parser updates to be more careful about underflowing epoch
based timestamp.
(merge 9d69789770 db/date-underflow-fix later to maint).
* The Bloom filter used for path limited history traversal was broken
on systems whose "char" is unsigned; update the implementation and
bump the format version to 2.
(merge 9c8a9ec787 tb/path-filter-fix later to maint).
* Typofix.
(merge 231cf7370e as/pathspec-h-typofix later to maint).
* Code clean-up.
(merge 4b837f821e rs/simplify-submodule-helper-super-prefix-invocation later to maint).
* "git describe --dirty --broken" forgot to refresh the index before
seeing if there is any chang, ("git describe --dirty" correctly did
so), which has been corrected.
(merge b8ae42e292 as/describe-broken-refresh-index-fix later to maint).
* Test suite has been taught not to unnecessarily rely on DNS failing
a bogus external name.
(merge 407cdbd271 jk/tests-without-dns later to maint).
* GitWeb update to use committer date consistently in rss/atom feeds.
(merge cf6ead095b am/gitweb-feed-use-committer-date later to maint).
* Custom control structures we invented more recently have been
taught to the clang-format file.
(merge 1457dff9be rs/clang-format-updates later to maint).
* Developer build procedure fix.
(merge df32729866 tb/dev-build-pedantic-fix later to maint).
* "git push" that pushes only deletion gave an unnecessary and
harmless error message when push negotiation is configured, which
has been corrected.
(merge 4d8ee0317f jc/disable-push-nego-for-deletion later to maint).
* Address-looking strings found on the trailer are now placed on the
Cc: list after running through sanitize_address by "git send-email".
(merge c852531f45 cb/send-email-sanitize-trailer-addresses later to maint).
* Tests that use GIT_TEST_SANITIZE_LEAK_LOG feature got their exit
status inverted, which has been corrected.
(merge 8c1d6691bc rj/test-sanitize-leak-log-fix later to maint).
* The http.cookieFile and http.saveCookies configuration variables
have a few values that need to be avoided, which are now ignored
with warning messages.
(merge 4f5822076f jc/http-cookiefile later to maint).
* Repacking a repository with multi-pack index started making stupid
pack selections in Git 2.45, which has been corrected.
(merge 8fb6d11fad ds/midx-write-repack-fix later to maint).
* Fix documentation mark-up regression in 2.45.
(merge 6474da0aa4 ja/doc-markup-updates-fix later to maint).
* Work around asciidoctor's css that renders <code>monospace</code> material
in the SYNOPSIS section of manual pages as block elements.
(merge d44ce6ddd5 js/doc-markup-updates-fix later to maint).</p>
<ul>
<li>
<p>CVE-2024-24577: Fixed arbitrary code execution due to heap corruption
in git_index_add (bsc#1219660)</p>
</li>
<li>
<p>Update to 2.45.2:</p>
</li>
<li>
<p>Revert "defense in depth" fixes from 2.45.1 broke 'git lfs' and
'git annex'</p>
</li>
<li>
<p>remove dependency on /usr/bin/python3 using
%python3_fix_shebang_path macro, [bsc#1212476]</p>
</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Linux Micro 6.0
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-6.0-470=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
<ul>
<li>perl-Git-2.51.0-1.1</li>
<li>git-debugsource-2.51.0-1.1</li>
<li>git-core-2.51.0-1.1</li>
<li>git-2.51.0-1.1</li>
<li>git-core-debuginfo-2.51.0-1.1</li>
<li>git-debuginfo-2.51.0-1.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-24577.html">https://www.suse.com/security/cve/CVE-2024-24577.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-50349.html">https://www.suse.com/security/cve/CVE-2024-50349.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-52006.html">https://www.suse.com/security/cve/CVE-2024-52006.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-27613.html">https://www.suse.com/security/cve/CVE-2025-27613.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-27614.html">https://www.suse.com/security/cve/CVE-2025-27614.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-46334.html">https://www.suse.com/security/cve/CVE-2025-46334.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-46835.html">https://www.suse.com/security/cve/CVE-2025-46835.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-48384.html">https://www.suse.com/security/cve/CVE-2025-48384.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-48385.html">https://www.suse.com/security/cve/CVE-2025-48385.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-48386.html">https://www.suse.com/security/cve/CVE-2025-48386.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212476">https://bugzilla.suse.com/show_bug.cgi?id=1212476</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219660">https://bugzilla.suse.com/show_bug.cgi?id=1219660</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1235600">https://bugzilla.suse.com/show_bug.cgi?id=1235600</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1235601">https://bugzilla.suse.com/show_bug.cgi?id=1235601</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1239989">https://bugzilla.suse.com/show_bug.cgi?id=1239989</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245938">https://bugzilla.suse.com/show_bug.cgi?id=1245938</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245939">https://bugzilla.suse.com/show_bug.cgi?id=1245939</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245942">https://bugzilla.suse.com/show_bug.cgi?id=1245942</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245943">https://bugzilla.suse.com/show_bug.cgi?id=1245943</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245946">https://bugzilla.suse.com/show_bug.cgi?id=1245946</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1245947">https://bugzilla.suse.com/show_bug.cgi?id=1245947</a>
</li>
</ul>
</div>