Makefile: update Git versions (v17.0 backport)
Update Git versions to address several CVEs:
-
CVE-2024-32002, which can lead to arbitrary code execution on case-insensitive filesystems when doing recursive clones.
-
CVE-2024-32004, which can lead to arbitrary code execution when doing a local partial clones via the filesystem.
-
CVE-2024-32021, which allows an adversary to rewrite files in a cloned repository when using local clones with hardlinks.
-
CVE-2024-32021, which can lead to linking to arbitrary files accessible to the user when doing local clones via a TOCTOU style race.
-
CVE-2024-32465, which can lead to executing arbitrary commands when cloning an untrusted local repository.
None of these issues were found to impact Gitaly, but upgrading is the right thing to do regardless.
(cherry picked from commit ea6a3464)
Part of Upgrade Git to pull in security releases (#6072 - closed).