mercurial/subrepo.py
changeset 28670 ff0d3b6b287f
parent 28624 345f4fa4cc89
parent 28658 34d43cb85de8
child 28949 9d3e280864fb
--- a/mercurial/subrepo.py	Fri Mar 25 23:05:32 2016 -0700
+++ b/mercurial/subrepo.py	Tue Mar 29 12:29:00 2016 -0500
@@ -1385,6 +1385,11 @@
         are not supported and very probably fail.
         """
         self.ui.debug('%s: git %s\n' % (self._relpath, ' '.join(commands)))
+        if env is None:
+            env = os.environ.copy()
+        # fix for Git CVE-2015-7545
+        if 'GIT_ALLOW_PROTOCOL' not in env:
+            env['GIT_ALLOW_PROTOCOL'] = 'file:git:http:https:ssh'
         # unless ui.quiet is set, print git's stderr,
         # which is mostly progress and useful info
         errpipe = None
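Review bot: The guard `if 'GIT_ALLOW_PROTOCOL' not in env:` leaves any value already present untouched, including one inherited through `os.environ.copy()`, so a wider list set in the calling environment silently switches the restriction off. If that override is intended, the comment should say so, and explain the fix rather than only name the CVE, e.g. `# Git CVE-2015-7545: restrict the transports git may use for subrepo URLs; a GIT_ALLOW_PROTOCOL already set by the user or caller is honoured as-is`. When a caller passes its own `env`, the assignment on the following line also mutates that caller's dict; `env = dict(env)` before the check would avoid the side effect. The enclosing method begins and ends outside this hunk, so whether any caller relies on the dict being shared cannot be confirmed from here.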