-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : git Version : 1:2.1.4-2.1+deb8u7 CVE ID : CVE-2018-17456
joernchen of Phenoelit discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability via a specially crafted .gitmodules file in a project cloned with --recurse-submodules. For Debian 8 "Jessie", this problem has been fixed in version 1:2.1.4-2.1+deb8u7. We recommend that you upgrade your git packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlu3vGxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QXPw/9El7a9TB+OpkNeHeT7WFPitlbDYBCE/af3AfdafS4xqsDdqJEWYr5QDae olw01MuYMh3HiqbBXqzJKQJuiLVnsBtvx/ceBjZsH0kFJlI320mCvbxM6K9rCMzs Ie0rms0FGCbnUnCuvxziKGnytNbQ+gHFUHZ4enlEx9aKFRa6bKhfcPNFCtpo2QCO lSPzlF1LpFLjbZN4/yVex2nBKgFCQiTGNbfZVoMr9czUKRMZEzCA5wW+EwxDyJ02 pxHUlI2H5dt4wy44jQ2AXI3ap2TnjBwj5PngFo2ZGFio1TNK8Yp+QI66zt1K/oG9 Vfk/mbA2S9xA0h+e8diI6w6EZYLevjc4BnhNHJp+UACWLeLQEc0gr/RWls2CNeBu IzH6RsZ0mHLGy5snfXSsL2fmE3y9NO+xVn13OVfjjFPuZJq8ETD1zYwBxL6TdRFP CQ9pmvALn/xtWquayCgwlsx2XwRbsx8op9ZJyiTQwvWKctvFIuxvmqZldY9srThj kSHQC+a4rswLlaCIccc01g3D/OvJ1qF64+Omyt5B4cU6lff9DIW/w6dqGEQ49gX/ LjJCbnjs7PPZH0WX6nXiG55aIg1rjouHlG+5DqWSB+mtQPaBwlE6+KNIW4ZcgUFP d75MuPymRC2x5NF0/OUQgkYfH9DEGx/mKLGY3WN//guno9yzcEI= =cAjE -----END PGP SIGNATURE-----
