-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : git Version : 1:1.7.10.4-1+wheezy4 CVE ID : CVE-2017-8386
Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help". For Debian 7 "Wheezy", these problems have been fixed in version 1:1.7.10.4-1+wheezy4. We recommend that you upgrade your git packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlkTcFFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeT/jhAAshpG+D7BC+Fj+ujVMebrHt1XeU1B1Rk8VR8JLOEqJeUYQRKFHCsQGQ95 4hhq4p2v0OTbmvwobOagLGiF4xAvUEfEr0mldXTsPgPu4AHhvSNk9AXkdefv4qk4 CqC/nqc8SVDBC88Hkajuuq1B55VyTkZHQsiX71mt04a2dFPuHUiBw2J3xOwfJ0EK x09Eb0jCrPr+5axDe3sTl0TwVEtd/5JLjSD7U37xTBY6gl0C244o3ZsRyF+B2wB6 hQTXDjDcumOR32Hu5Mz2ZBdRNUzR1rOHQOXHRQq9n7dW+c7d3FHJ+ptWB0fAR9H5 HxLsFSIbxswDXnbcSdqGHjxQ84Sy3h0UmzBi4QpdPxBa2wYOirV2cDpS+56Tx+uS LAQ9qxxjxR8OCklFh2fXJ/ip2FZI9BfOygP759I+ZyATUc/tfg8zZ5IhTsEoGPu6 EZwJ/sHx7l2NXFjhNfcA2ltjzd9uFlymCCa/zoA8QY/pNz5A6OPMbgCyvB+3zXWf /LJ/my86ggpjGN16YjuwCn7VF7B4WHWe/I+q9Y2iDFCBHZYYFVF5WZaUgiR7IPdx V3NorS0t3OJpNRIVa2xqfySR4FKievLfw6OV5tlORMM5gouYAFQ0OKufQUiS4VFt 5GMjD7bFF9Fxy334s5hraa7wB79l8XytpSMC92QAPAdkZqp6K4E= =l9d7 -----END PGP SIGNATURE-----
