[asterisk-bugs] [JIRA] (ASTERISK-30029) build: Git security vulnerability fix is sad with our accessing git as root during "make install"

Tue Apr 26 09:53:40 CDT 2022

Joshua C. Colp created ASTERISK-30029:
-----------------------------------------

             Summary: build: Git security vulnerability fix is sad with our accessing git as root during "make install"
                 Key: ASTERISK-30029
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-30029
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Core/BuildSystem
    Affects Versions: 19.3.1, 18.11.1, 16.25.1
            Reporter: Joshua C. Colp
            Severity: Major

When installing Asterisk we seemingly use git in some way. If this is run as root but the git repo is your user, then recent versions of git complain due to a fix for a security vulnerability[1].

[1] https://github.blog/2022-04-12-git-security-vulnerability-announced/

--
This message was sent by Atlassian JIRA
(v6.2#6252)