Hi, Today I found information about this topic at the German web site heise.de. Here is this information in German:
http://www.heise.de/newsticker/meldung/Boesartige-Repositories-koennen-Schadcode-ueber-Git-ausfuehren-3150756.html I will translate some of it into English: ###################################### Malicious repositories can execute malicious code via Git Two security holes, which have been closed by the Git developers in the meantime, enable attacs in unpatched Git servers and Git clients. Due to this, attackers can infiltrate and execute malicious code ... Vulnerable are as well as servers as also Git client systems. Affected are the version branches 1.7.x, 1.9.x and 2.x. One of these holes had been closed with Git 2.7.1 (the latest version is Git 2.7.4), the other hole will be closed with version 2.8, which has not yet officially been released. Most Linux distributions have built appropriate patches into their Git packages which they distribute. Admins should ensure that they use the latest Git version in their systems. ... ###################################### (Technical) details about this in English at http://seclists.org/oss-sec/2016/q1/645 Regards, Jens ------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140 _______________________________________________ Lmuse-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lmuse-developer
