Upgrading Git/Mercurial in SourceTree for Mac

関連コンテンツ

  • 関連コンテンツがありません

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

問題

SourceTree version 2.0.4 and later's embedded Git/Mercurial versions address CVE-2014-9390. If you are using system Git/Mercurial please ensure you update them.

原因

Security vulnerability CVE-2014-9390

ソリューション

If you are running SourceTree for Mac version 2.0.3 or earlier here's how fix your Git/Hg versions:

Security vulnerability CVE-2014-9390

SourceTree version 2.0.4 and later's embedded Git/Mercurial versions address CVE-2014-9390. If you are using system Git/Mercurial please ensure you update them.

If you are running SourceTree version 2.0.3 or earlier here's how fix your Git/Hg versions:

Update Git

  1. Download Git version 2.2.1 or later - at the time of writing git-scm.com's download page still links an older binary version for Mac so download from here instead: http://sourceforge.net/projects/git-osx-installer/files/latest/download
  2. Open the Git DMG and run the included install package
  3. Open a fresh terminal and run 'git --version' from the command line and check that it says version 2.2.1. If not, edit ~/.profile or ~/.bash_profile and add to the bottom: "export PATH=/usr/local/git/bin:$PATH", then close & re-open your terminal and repeat the test
  4. Open SourceTree, then press "," to open Preferences
  5. Select the Git tab, then click the 'Use System Git' button - in the Finder window make sure the version in /usr/local/git/bin is selected
  6. The Git Version box should now report 'System Git version 2.2.1'

Update Mercurial

Currently the hgsubversion extension packaged with SourceTree does not work with Mercurial 3.2.3 and must be disabled. This will be addressed in a future update. Disable it before updating to avoid errors:

  1. Open SourceTree, then press "," to open Preferences
  2. Select the Mercurial tab
  3. In the Extensions box, scroll down until you see the hgsubversion line
  4. Uncheck the box & close Preferences

Updating Mercurial:

  1. Download Mercurial version 3.2.3+ for your OS from http://mercurial.selenic.com/downloads
  2. Run the installer
  3. Open a fresh terminal and run 'hg --version', check that it is 3.2.3 or later. If not run 'which hg' and uninstall that version (hg's installer installs in /usr/local/bin so should not be an issue)
  4. Open SourceTree, then press "⌘," to open Preferences
  5. Select the Mercurial tab, then click the 'Use System Mercurial' button
  6. The Git Version box should now report 'System Mercurial version 3.2.3'

You now have versions of Git & Hg on the command line and in SourceTree that are not vulnerable to this issue.

To upgrade the version of Git/Mercurial used in SourceTree you can go to your SourceTree preferences either by hitting ⌘, or via the SourceTree menu > Preferences and going to either the Git and Mercurial tabs. From here you can then go to the 'Git Version' or 'Mercurial Version' boxes respectively and selecting either 'Reset to embedded Git/Hg' or 'Use System Git/Hg'. When selecting 'Use System Git/Hg' you are then prompted to select the location on your system. 

 

 


最終更新日: 2016 年 2 月 26 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する

関連コンテンツ

  • 関連コンテンツがありません
Powered by Confluence and Scroll Viewport.