Skip to content

MinGit for Windows 2.46.2(2)

Compare
Choose a tag to compare
@mjcheetham mjcheetham released this 14 Jan 18:14
· 4713 commits to main since this release
v2.46.2.windows.2

Changes since Git for Windows v2.46.2 (September 24th 2024)

New Features

Bug Fixes

  • CVE-2024-50338: Git Credential Manager can be tricked to exfiltrate credentials for a trusted site to an untrusted site. Since the URLs needed for such an attack look suspicious, this usually requires a recursive clone or fetch.
  • CVE-2024-50349: When prompting the user for a password in the terminal, Git does not neutralize control characters.
  • CVE-2024-52005: The sideband channel does not neutralize control characters.
  • CVE-2024-52006: Similar to CVE-2020-5260, affecting credential helpers that interpret Carriage Returns as newlines.
Filename SHA-256
MinGit-2.46.2.2-64-bit.zip 9fa5d4c0858b92b14f424393d51eee1412e53c1eae2b689f56a5113c924d7087
MinGit-2.46.2.2-32-bit.zip 950546c6069879a9a8c858c1c781790a356a6f8fec864cbc57383ad8b396f4a4
MinGit-2.46.2.2-busybox-64-bit.zip 1bdfe5d96b7956175b5078c48039f6b49de30ce25a3f30151872ca02edf134b5
MinGit-2.46.2.2-busybox-32-bit.zip 043b7bc72d79b151d4a17c0ae2323e39ba32d2b8ed38a66ddd0a81f6c01a56a0