From 27e6dc7ad5f40fe0549fabc6900dfd1c48030e22 Mon Sep 17 00:00:00 2001
From: Oreofe Solarin <oreofesolarin@gmail.com>
Date: Tue, 21 Apr 2026 18:38:42 -0400
Subject: [PATCH] fix: correct GHSA-4j5j-58j7-6c3w dulwich fixed version 0.9.9
 -> 0.10.0

---
 .../2022/05/GHSA-4j5j-58j7-6c3w/GHSA-4j5j-58j7-6c3w.json    | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/advisories/github-reviewed/2022/05/GHSA-4j5j-58j7-6c3w/GHSA-4j5j-58j7-6c3w.json b/advisories/github-reviewed/2022/05/GHSA-4j5j-58j7-6c3w/GHSA-4j5j-58j7-6c3w.json
index c9509704c1123..58de771c61c3f 100644
--- a/advisories/github-reviewed/2022/05/GHSA-4j5j-58j7-6c3w/GHSA-4j5j-58j7-6c3w.json
+++ b/advisories/github-reviewed/2022/05/GHSA-4j5j-58j7-6c3w/GHSA-4j5j-58j7-6c3w.json
@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4j5j-58j7-6c3w",
-  "modified": "2024-09-20T17:38:53Z",
+  "modified": "2026-04-21T00:00:00Z",
   "published": "2022-05-17T04:14:03Z",
   "aliases": [
     "CVE-2014-9706"
   ],
   "summary": "Dulwich Arbitrary code execution via commit with directory path starting with .git",
-  "details": "The `build_index_from_tree` function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with `.git/`, which is not properly handled when checking out a working tree.",
+  "details": "The `build_index_from_tree` function in index.py in Dulwich before 0.10.0 allows remote attackers to execute arbitrary code via a commit with a directory path starting with `.git/`, which is not properly handled when checking out a working tree.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -32,7 +32,7 @@
               "introduced": "0"
             },
             {
-              "fixed": "0.9.9"
+              "fixed": "0.10.0"
             }
           ]
         }