How to handle locally updated Git binary
Because of recent git vulnerability issues, I removed the git package from my Fedora 23 instances with sudo dnf erase -y git and added exclude=git to /etc/dnf/dnf.conf. Since I still need git in my workflow, I installed it from source like so:
sudo dnf install -y curl-devel expat-devel gettext-devel openssl-devel perl-devel zlib-devel asciidoc xmlto docbook2X
sudo ln -s /usr/bin/db2x_docbook2texi /usr/bin/docbook2x-texi
wget https://www.kernel.org/pub/software/scm/git/git-2.7.4.tar.gz
wget https://www.kernel.org/pub/software/scm/git/git-2.7.4.tar.sign
gpg2 --keyserver gpg.mozilla.org --recv-keys 96AFE6CB
gunzip git-2.7.4.tar.gz
gpg2 --verify git-2.7.4.tar.sign git-2.7.4.tar
tar -zxvf git-2.7.4.tar.gz && cd git-2.7.4
make configure
./configure --prefix=/usr
make all doc info
sudo make install install-doc install-html install-info
However, I use some packages that rely on git (pass). Since I no longer have the maintained package for git installed, these packages will refuse to install.
Is there a way to fool DNF into believing a package is installed when it isn't? Or another nice way of handling this?
Interesting, can you provide information on the git vulnerability you mention? Or maybe just a link to more info? Thanks!
it's on the sec lists for those who know where to look, but posting links is a little frowned on right now because the vulnerability will only be announced when most hosts have had time to patch.
Thanks, found it. Very clever not posting a link. Thanks, florian.