Skip to content

Commit e06e763

Browse files
fix(security): CVE-2026-27143 in git-credential-oauth 0.17.2-r3 (#69859)
* fix(security): CVE-2026-27143 in git-credential-oauth * fix: git-credential-oauth test failure - capture output before grep The test `git-credential-oauth -verbose 2>&1 | grep 0.17.2` was failing because `git-credential-oauth -verbose` exits with status 2 when run without a git credentials context (no git operation in progress). With `set -eo pipefail`, the pipe fails even though the binary does print the version string and grep would succeed. Fix by capturing the output first with command substitution and `|| true` to suppress the non-zero exit, then grep the captured output: output=$(git-credential-oauth -verbose 2>&1 || true) echo "$output" | grep ${{package.version}} --------- Co-authored-by: cve-remediation <cve-remediation@chainguard.dev> Export: 25954bd531261911aa204a6049d6933f5fc1d734
1 parent 027f205 commit e06e763

1 file changed

Lines changed: 3 additions & 2 deletions

File tree

git-credential-oauth.yaml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
package:
22
name: git-credential-oauth
33
version: "0.17.2"
4-
epoch: 3
4+
epoch: 4 # CVE-2026-27143
55
description: "A Git credential helper that securely authenticates to GitHub, GitLab and BitBucket using OAuth"
66
copyright:
77
- license: Apache-2.0
@@ -36,7 +36,8 @@ update:
3636
test:
3737
pipeline:
3838
- runs: |
39-
git-credential-oauth -verbose 2>&1 | grep ${{package.version}}
39+
output=$(git-credential-oauth -verbose 2>&1 || true)
40+
echo "$output" | grep ${{package.version}}
4041
4142
environment:
4243
contents:

0 commit comments

Comments
 (0)