git 2.19.1 upgrade

This should get handled as part of normal patching, but RHEL ships with a 1.8.x branch of Git. We aren’t cloning from public repos for most things, but I can’t be 100% about it, and workstations are probably vulnerable as well. We should all update our workstations, but it doesn’t appear to be that simple for Linux servers:

 

(2.19.1 is the version to upgrade to.)

 

Mac: brew upgrade git didn’t seem to update the cli git, still on 1.8.3.1, have to download and install from https://sourceforge.net/projects/git-osx-installer/files/git-2.19.0-intel-universal-mavericks.dmg/download?use_mirror=autoselect

 

Windows: https://github.com/git-for-windows/git/releases/download/v2.19.1.windows.1/Git-2.19.1-64-bit.exe

 

Linux: Looks like git does not have an rpm for a 2.x, it’s a clone and compile, which makes long term sustainability a pain.

CVE says version 2.18 is the oldest affected version, and the newest available from the yum repos is 1.8.3.1-14.

https://git-scm.com/download/linux says to download and compile.

 

This works:

#!/bin/bash

# update git to 2.19.1

git –version

which git

cp /usr/bin/git /usr/bin/git-1.8.3.1

yum -y install curl-devel expat-devel gettext-devel openssl-devel zlib-devel

yum -y install gcc perl-ExtUtils-MakeMaker

cd /usr/src

wget https://www.kernel.org/pub/software/scm/git/git-2.19.1.tar.gz

tar xzf git-2.19.1.tar.gz

cd git-2.19.1

make prefix=/usr/local/git all

make prefix=/usr/local/git install

rm -f /bin/git

ln -s /usr/local/git/bin/git /bin/git

git –version

 

Leave a Reply

Your email address will not be published. Required fields are marked *