Skip to content

build(deps): bump dulwich from 1.1.0 to 1.2.5#178

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dulwich-1.2.5
Open

build(deps): bump dulwich from 1.1.0 to 1.2.5#178
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dulwich-1.2.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 28, 2026
edited
Loading

Copy link
Copy Markdown

Bumps dulwich from 1.1.0 to 1.2.5.

Release notes

Sourced from dulwich's releases.

1.2.5

This is a security release. All users are encouraged to upgrade.

Security fixes

  • GHSA-gfhv-vqv2-4544 -- Validate submodule paths in porcelain.submodule_update (and thus porcelain.clone(recurse_submodules=True)). A crafted upstream repository could carry a submodule whose path was .git/hooks (or any other path inside .git or above the work tree), causing the submodule's tree contents to be written there with their executable bits intact. The dulwich analogue of git's CVE-2024-32002 / CVE-2024-32004. (Reported by tonghuaroot)

  • CVE-2026-42305 -- Harden tree path validation against entry names that are harmless on POSIX but dangerous when checked out on Windows. validate_path_element_ntfs now also rejects Windows path separators, the alternate data stream marker :, NTFS 8.3 short-name aliases of .git, and reserved Windows device names. core.protectNTFS now defaults to true on every platform, and both core.protectNTFS and core.protectHFS are now read under their correct option names. (Reported by Christopher Toth)

  • CVE-2026-42563 -- Shell-quote values substituted into ProcessMergeDriver commands. A malicious branch could inject shell commands when a merge driver referencing %P was configured. (Reported by Ravishanker Kusuma (hayageek))

  • CVE-2026-47712 -- Sanitize commit subjects used in porcelain.format_patch filenames so a malicious subject (e.g. x/../../x) cannot direct the generated patch outside outdir. (Reported by Christopher Toth)

  • receive.maxInputSize -- Honour receive.maxInputSize in ReceivePackHandler. Previously a remote unauthenticated client could send a tiny crafted pack that declared a huge dest_size and trigger hundreds of MB of allocation over git-receive-pack. (Reported by Liyi, Ziyue, Strick, Maurice and Chenchen @ University of Sydney)

1.2.4

What's Changed

Full Changelog: jelmer/dulwich@dulwich-1.2.3...dulwich-1.2.4

1.2.1

Changes since 1.2.0

  • Derive the LFS endpoint as the remote's on-disk LFS store (<remote>/.git/lfs for worktrees, <remote>/lfs for bare repos) when remote.origin.url points at a local filesystem path or file:// URL, matching git-lfs behaviour. Previously the built-in smudge filter constructed an HTTP-style <remote>.git/info/lfs path that did not exist on disk, leaving LFS-tracked files as pointers when cloning from a local repo.

  • Deduplicate objects when writing a multi-pack-index. Objects present in multiple packs (e.g. after git gc creates a cruft pack) would otherwise produce an OIDL chunk with repeated SHAs, causing git multi-pack-index verify to fail with "oid lookup out of order". (#2152)

  • Extend ignorecase and precomposeunicode support to index lookups. (#1807)

1.2.0

Notable changes since 1.1.0

New features

  • Add am command and porcelain.am() for applying mailbox-style email patches (git am), with state persistence for --continue, --skip, --abort, and --quit recovery (#1692).
  • Add apply command and porcelain.apply_patch() for applying unified diffs, including rename/copy detection, binary patches with Git's base85 encoding, and --3way merge fallback (#1784).

... (truncated)

Changelog

Sourced from dulwich's changelog.

1.2.5 2026-05-28

  • SECURITY(GHSA-gfhv-vqv2-4544): Validate submodule paths in porcelain.submodule_update (and thus porcelain.clone(recurse_submodules=True)). A crafted upstream repository could carry a submodule whose path was .git/hooks (or any other path inside .git or above the work tree), causing the submodule's tree contents to be written there with their executable bits intact -- dropping a hook that later commands would run. Submodule paths are now rejected if they are absolute or carry a component that the configured path validator refuses, and the submodule's own tree is materialized with the same validator. This is the dulwich analogue of git's CVE-2024-32002 / CVE-2024-32004. (Jelmer Vernooij; reported by tonghuaroot)

  • SECURITY(CVE-2026-42305): Harden tree path validation against entry names that are harmless on POSIX but dangerous when checked out on Windows. A crafted tree could previously carry such names through to the work tree. validate_path_element_ntfs now also rejects:

    • Windows path separators, so an entry named .git\hooks\pre-commit.exe can no longer materialize a file inside .git that Git for Windows would execute.
    • The alternate data stream marker : (e.g. .git::$INDEX_ALLOCATION, which writes into .git directly).
    • NTFS 8.3 short-name aliases of .git (git~<digits>); only git~1 was rejected before.
    • Reserved Windows device names (CON, PRN, AUX, NUL, COM1-COM9, LPT1-LPT9), including with an extension or trailing dots/spaces such as NUL.txt or COM1 .bar.

    In addition, core.protectNTFS now defaults to true on every platform (matching git after CVE-2019-1353), so a POSIX clone no longer accepts paths that would be unsafe on a later Windows clone, and both core.protectNTFS and core.protectHFS are now read under their correct option names, having previously been silently ignored. POSIX users who need literal NTFS-unsafe filenames can opt out with core.protectNTFS=false. (Jelmer Vernooij; reported by Christopher Toth)

  • SECURITY (CVE-2026-42563): Shell-quote values substituted into ProcessMergeDriver commands. %P is a path from the git tree, so a malicious branch could inject shell commands when the user had a merge driver configured that referenced %P. (Jelmer Vernooij; reported by Ravishanker Kusuma (hayageek))

  • SECURITY(CVE-2026-47712): Sanitize commit subjects used in porcelain.format_patch filenames so a malicious subject (e.g. x/../../x) cannot direct the generated patch outside outdir. get_summary now matches git's format_sanitized_subject.

... (truncated)

Commits
  • 073f4df Release 1.2.5
  • 5f85d3e tests: fix Windows-only failures in NTFS and merge-driver tests
  • 25313ad Merge branch 'advisory-5'
  • 1ca1814 submodule: Reject unsafe submodule paths in submodule_update
  • 3559ef1 Merge branch 'advisory-4'
  • f860ca4 server: Honour receive.maxInputSize to bound received packs
  • 0fd6e6b Merge branch 'advisory-3'
  • 0110b88 Merge branch 'advisory-2'
  • 49eb56e Add NEWS entry for CVE-2026-42305
  • 57efc4a Merge branch 'advisory-1'
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 28, 2026
@dependabot
build(deps): bump dulwich from 1.1.0 to 1.2.5
3723a13 
Bumps [dulwich](https://github.com/dulwich/dulwich) from 1.1.0 to 1.2.5.
- [Release notes](https://github.com/dulwich/dulwich/releases)
- [Changelog](https://github.com/jelmer/dulwich/blob/main/NEWS)
- [Commits](jelmer/dulwich@dulwich-1.1.0...dulwich-1.2.5)

---
updated-dependencies:
- dependency-name: dulwich
  dependency-version: 1.2.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/dulwich-1.2.5 branch from 7fa7d97 to 3723a13 Compare June 17, 2026 21:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants