Bump Git version on Windows to 2.45.1.windows.1

[github-actions]

Bump Git version on Windows

Update the Git Windows version for Windows Server Core

changed lines [51] of file "/tmp/updatecli/github/jenkinsci/docker-agent/windows/windowsservercore/Dockerfile"

2.45.1.windows.1

Release published on the 2024-05-14 17:10:06 +0000 UTC at the url /~https://github.com/git-for-windows/git/releases/tag/v2.45.1.windows.1

Changes since Git for Windows v2.45.0 (April 29th 2024)

Git for Windows for Windows v2.45 is the last version to support for Windows 7 and for Windows 8, see [MSYS2's corresponding deprecation announcement](https://www.msys2.org/docs/windows_support/) (Git for Windows relies on MSYS2 for components such as Bash and Perl).

Please also note that the 32-bit variant of Git for Windows is deprecated; Its last official release [is planned for 2025](https://gitforwindows.org/32-bit.html).

### New Features

* Comes with [Git v2.45.1](/~https://github.com/git/git/blob/v2.45.1/Documentation/RelNotes/2.45.1.txt).

### Bug Fixes

* **CVE-2024-32002**: Recursive clones on case-insensitive filesystems that support
  symbolic links are susceptible to case confusion that can be exploited to
  execute just-cloned code during the clone operation.
* **CVE-2024-32004**: Repositories can be configured to execute arbitrary code
  during local clones. To address this, the ownership checks introduced in
  v2.30.3 are now extended to cover cloning local repositories.
* **CVE-2024-32020**: Local clones may end up hardlinking files into the target
  repository's object database when source and target repository reside on the
  same disk. If the source repository is owned by a different user, then those
  hardlinked files may be rewritten at any point in time by the untrusted user.
* **CVE-2024-32021**: When cloning a local source repository that contains symlinks
  via the filesystem, Git may create hardlinks to arbitrary user-readable files
  on the same filesystem as the target repository in the objects/ directory.
* **CVE-2024-32465**: It is supposed to be safe to clone untrusted repositories,
  even those unpacked from zip archives or tarballs originating from untrusted
  sources, but Git can be tricked to run arbitrary code as part of the clone.
* Defense-in-depth: submodule: require the submodule path to contain
  directories only.
* Defense-in-depth: clone: when symbolic links collide with directories, keep
  the latter.
* Defense-in-depth: clone: prevent hooks from running during a clone.
* Defense-in-depth: core.hooksPath: add some protection while cloning.
* Defense-in-depth: fsck: warn about symlink pointing inside a gitdir.
* Various fix-ups on HTTP tests.
* HTTP Header redaction code has been adjusted for a newer version of cURL
  library that shows its traces differently from earlier versions.
* Fix was added to work around a regression in libcURL 8.7.0 (which has already
  been fixed in their tip of the tree).
* Replace macos-12 used at GitHub CI with macos-13.
* ci(linux-asan/linux-ubsan): let's save some time
* Tests with LSan from time to time seem to emit harmless message that makes
  our tests unnecessarily flakey; we work it around by filtering the
  uninteresting output.
* Update GitHub Actions jobs to avoid warnings against using deprecated version
  of Node.js.

Filename | SHA-256
-------- | -------
Git-2.45.1-64-bit.exe | 1b2b58fb516495feb70353aa91da230be0a2b4aa01acc3bc047ee1fe4846bc4e
Git-2.45.1-32-bit.exe | f46c2f013b6767fc5da15783643d7243f037cbdf6e0b2779ad157ab0741318ca
PortableGit-2.45.1-64-bit.7z.exe | f4be1f923e9cc1ee0cb09e99f0e90cf254b530bb622d12064361563307e2f505
PortableGit-2.45.1-32-bit.7z.exe | 43d0f03af3d5a12a60cab82a02f386896ed2d61af93496fa8110f2dac83ebee1
MinGit-2.45.1-64-bit.zip | f7ba0e2acdc603cf8893b446f6871c869b7644b88a1116b00d6b30fb30f18c74
MinGit-2.45.1-32-bit.zip | 9c1089f13f5873190ac9473375126ba697df6773188f01ca2d6a0cf920c44287
MinGit-2.45.1-busybox-64-bit.zip | b9151e9ff31d4cbf0b45c5dad1d45e115c3942bdf3822cf0729efe54d42d909f
MinGit-2.45.1-busybox-32-bit.zip | 44c61ff4706c8db83009670bd6a67036f6ea5e0dc3c901bc1d37d7649879ece4
Git-2.45.1-64-bit.tar.bz2 | 3314914e47c080e80ddcbc543e374890bdfe4d60e9cd7d0faa996d3d0a174a05
Git-2.45.1-32-bit.tar.bz2 | e5d04b0228fda44f50f9d52730b72c2ad5773faebe12b54b009e3952f5b19f2b

Update the Git Windows version for Windows Nanoserver

changed lines [59] of file "/tmp/updatecli/github/jenkinsci/docker-agent/windows/nanoserver/Dockerfile"

2.45.1.windows.1

Release published on the 2024-05-14 17:10:06 +0000 UTC at the url /~https://github.com/git-for-windows/git/releases/tag/v2.45.1.windows.1

Changes since Git for Windows v2.45.0 (April 29th 2024)

Git for Windows for Windows v2.45 is the last version to support for Windows 7 and for Windows 8, see [MSYS2's corresponding deprecation announcement](https://www.msys2.org/docs/windows_support/) (Git for Windows relies on MSYS2 for components such as Bash and Perl).

Please also note that the 32-bit variant of Git for Windows is deprecated; Its last official release [is planned for 2025](https://gitforwindows.org/32-bit.html).

### New Features

* Comes with [Git v2.45.1](/~https://github.com/git/git/blob/v2.45.1/Documentation/RelNotes/2.45.1.txt).

### Bug Fixes

* **CVE-2024-32002**: Recursive clones on case-insensitive filesystems that support
  symbolic links are susceptible to case confusion that can be exploited to
  execute just-cloned code during the clone operation.
* **CVE-2024-32004**: Repositories can be configured to execute arbitrary code
  during local clones. To address this, the ownership checks introduced in
  v2.30.3 are now extended to cover cloning local repositories.
* **CVE-2024-32020**: Local clones may end up hardlinking files into the target
  repository's object database when source and target repository reside on the
  same disk. If the source repository is owned by a different user, then those
  hardlinked files may be rewritten at any point in time by the untrusted user.
* **CVE-2024-32021**: When cloning a local source repository that contains symlinks
  via the filesystem, Git may create hardlinks to arbitrary user-readable files
  on the same filesystem as the target repository in the objects/ directory.
* **CVE-2024-32465**: It is supposed to be safe to clone untrusted repositories,
  even those unpacked from zip archives or tarballs originating from untrusted
  sources, but Git can be tricked to run arbitrary code as part of the clone.
* Defense-in-depth: submodule: require the submodule path to contain
  directories only.
* Defense-in-depth: clone: when symbolic links collide with directories, keep
  the latter.
* Defense-in-depth: clone: prevent hooks from running during a clone.
* Defense-in-depth: core.hooksPath: add some protection while cloning.
* Defense-in-depth: fsck: warn about symlink pointing inside a gitdir.
* Various fix-ups on HTTP tests.
* HTTP Header redaction code has been adjusted for a newer version of cURL
  library that shows its traces differently from earlier versions.
* Fix was added to work around a regression in libcURL 8.7.0 (which has already
  been fixed in their tip of the tree).
* Replace macos-12 used at GitHub CI with macos-13.
* ci(linux-asan/linux-ubsan): let's save some time
* Tests with LSan from time to time seem to emit harmless message that makes
  our tests unnecessarily flakey; we work it around by filtering the
  uninteresting output.
* Update GitHub Actions jobs to avoid warnings against using deprecated version
  of Node.js.

Filename | SHA-256
-------- | -------
Git-2.45.1-64-bit.exe | 1b2b58fb516495feb70353aa91da230be0a2b4aa01acc3bc047ee1fe4846bc4e
Git-2.45.1-32-bit.exe | f46c2f013b6767fc5da15783643d7243f037cbdf6e0b2779ad157ab0741318ca
PortableGit-2.45.1-64-bit.7z.exe | f4be1f923e9cc1ee0cb09e99f0e90cf254b530bb622d12064361563307e2f505
PortableGit-2.45.1-32-bit.7z.exe | 43d0f03af3d5a12a60cab82a02f386896ed2d61af93496fa8110f2dac83ebee1
MinGit-2.45.1-64-bit.zip | f7ba0e2acdc603cf8893b446f6871c869b7644b88a1116b00d6b30fb30f18c74
MinGit-2.45.1-32-bit.zip | 9c1089f13f5873190ac9473375126ba697df6773188f01ca2d6a0cf920c44287
MinGit-2.45.1-busybox-64-bit.zip | b9151e9ff31d4cbf0b45c5dad1d45e115c3942bdf3822cf0729efe54d42d909f
MinGit-2.45.1-busybox-32-bit.zip | 44c61ff4706c8db83009670bd6a67036f6ea5e0dc3c901bc1d37d7649879ece4
Git-2.45.1-64-bit.tar.bz2 | 3314914e47c080e80ddcbc543e374890bdfe4d60e9cd7d0faa996d3d0a174a05
Git-2.45.1-32-bit.tar.bz2 | e5d04b0228fda44f50f9d52730b72c2ad5773faebe12b54b009e3952f5b19f2b

GitHub Action workflow link

---

Created automatically by Updatecli Options: Most of Updatecli configuration is done via its manifest(s). If you close this pull request, Updatecli will automatically reopen it, the next time it runs. If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made. Feel free to report any issues at github.com/updatecli/updatecli. If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!

[MarkEWaite]

/~https://github.com/git-for-windows/git/releases/tag/v2.45.1.windows.1 shows that the The 2.45.1 release resolves several CVE's, including:

• CVE-2024-32002
• CVE-2024-32004
• CVE-2024-32020
• CVE-2024-32021
• CVE-2024-32465

https://github.blog/2024-05-14-securing-git-addressing-5-new-vulnerabilities/ is the blog post from Johannes Schindelin (Git for Windows maintainer and Git community coordinator of the latest security bugfix release of Git)