Most of the malleability issues listed in BIP62 stem from the fact that an input script (scriptSig) can be modified and still remain valid for the input, and because the input script is included when calculating the TXID, this modifies the TXID as well.
Example ways you can turn an input script into a different but still valid input script:
- Any valid ECDSA signature can be turned into a different valid signature by inverting the s-value. BIP62 proposed that an s-value in the lower half of the range be required.
- Any push operation can be expressed multiple ways. For example, pushing the byte
can be done with the opcode0x51
), but also less efficiently using the sequence0101
). BIP62 proposed that the most efficient (“canonical”) way be required. - Since the input script is a script, it can be modified any number of ways, for example by including
<data> OP_DROP
anywhere in the script. BIP62 proposed to restrict input scripts to data pushing opcodes.
SegWit cleverly fixed all of these malleability vectors by simply requiring the input script to be empty (or, in the case of wrapped SegWit, to push a single specific byte vector), and moving signatures and other script inputs to the witness which isn’t covered by the TXID. Witness data can still be malleated by third parties, but it doesn’t affect TXID malleability anymore.
“Nonintentional malleability” just refers to malleability by a third party that the original creator of the transaction didn’t intend. It will of course always be possible for the creator to intentionally malleate the transaction themselves before it is included in a block, and even with SegWit you can still create transactions intentionally malleable by third parties by e.g. not requiring any signatures to spend an output.
The pull request you mention changed standardness rules, not consensus rules, so it’s easily bypassed by miners. Because SegWit took a different approach to fixing malleability, high s-value signatures are still just non-standard but valid by consensus.