On Fri, Aug 3, 2018 at 5:12 PM Jason A. Donenfeld <ja...@zx2c4.com> wrote: > * A fix for a critical directory traversal vulnerability, when > `enable-http-clone=1` is not turned off, discovered by Jann Horn. > This is pretty nasty and all users must update immediately.
This has been assigned CVE-2018-14912. _______________________________________________ CGit mailing list CGit@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/cgit
