Re: CVS and ssh command injection (see CVE-2017-1000117, etc.)

2017-08-14 Thread Thorsten Glaser
Hank Leininger dixit:

>Of course, the repo specification looks very odd, so tricking a victim
>may be harder than for SCM tools where it's prefixed by an ssh://, or

It’s also immediately obvious and quite hard to exploit at all, I agree.

> https://marc.info/?l=oss-security&m=150241876103454&w=2

CVS and ssh command injection (see CVE-2017-1000117, etc.)

2017-08-11 Thread Hank Leininger
Bugs in Git, Subversion, and Mercurial were just announced & patched which allowed arbitrary local command execution if a malicious name was used for the remote server, such as starting with - to pass options to the ssh client: git clone ssh://-oProxyCommand=some-command... CVS has a similar pr
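The mechanism the post describes, as an added illustration that is not code from this thread, nor from Git, Subversion, Mercurial or CVS: the host part of the remote specification is spliced straight into ssh's argv, so a "host" beginning with `-` is parsed by ssh as an option (here `-oProxyCommand=...`, which ssh runs through the shell). The script below extracts the host from an `ssh://` URL and from a CVS `:ext:` root with deliberately simplified parsers (assumptions: no IPv6 literals, no percent-encoding, no trailing-port quirks), shows the command line a naive client would build, and applies the check a hardened client needs before exec'ing ssh. The URLs and CVSROOT strings are constructed sample inputs; nothing here is executed against a real remote.

```shell
#!/bin/sh
# Added example, not from the oss-security thread or any SCM project.
# Demonstrates why a remote host beginning with '-' becomes an ssh option,
# and the validation a client should perform before building ssh's argv.

# Host part of ssh://[user@]host[:port]/path (simplified parser, assumption:
# no IPv6 literals or percent-encoding).
ssh_url_host() {
    rest=${1#ssh://}
    hostport=${rest%%/*}        # everything up to the first '/'
    hostport=${hostport#*@}     # drop an optional user@
    printf '%s\n' "${hostport%%:*}"   # drop an optional :port
}

# Host part of a CVS :ext:[user@]host:/path root (simplified, same assumptions).
cvsroot_host() {
    rest=${1#:ext:}
    hostpart=${rest%%:*}        # everything up to the ':' before the path
    printf '%s\n' "${hostpart#*@}"
}

# A host is only safe to place in ssh's argv if it is non-empty and does not
# begin with '-'. Returns 0 if safe, 1 otherwise.
safe_ssh_host() {
    case $1 in
        ''|-*) return 1 ;;
        *)     return 0 ;;
    esac
}

# What a naive client builds: "ssh <host> <remote command>". Only printed,
# never executed, so the injected ProxyCommand cannot run here.
naive_ssh_cmdline() {
    printf 'ssh %s %s\n' "$1" "$2"
}

# Hardened variant: refuse any host ssh would read as an option. Prints the
# command line on success; prints nothing and returns 1 otherwise.
hardened_ssh_cmdline() {
    safe_ssh_host "$1" || return 1
    printf 'ssh %s %s\n' "$1" "$2"
}

# Constructed sample inputs (hostnames are placeholders, not real remotes).
BAD_URL='ssh://-oProxyCommand=some-command/repo.git'
GOOD_URL='ssh://git@example.org:2222/repo.git'
BAD_CVSROOT=':ext:-oProxyCommand=some-command:/cvsroot'
GOOD_CVSROOT=':ext:user@cvs.example.org:/cvsroot'

# Demonstration when run directly.
for spec in "$BAD_URL" "$GOOD_URL"; do
    h=$(ssh_url_host "$spec")
    printf 'naive:    %s' "$(naive_ssh_cmdline "$h" 'git-upload-pack repo.git')"
    printf '\n'
    if out=$(hardened_ssh_cmdline "$h" 'git-upload-pack repo.git'); then
        printf 'hardened: %s\n' "$out"
    else
        printf 'hardened: rejected host %s\n' "$h"
    fi
done
for root in "$BAD_CVSROOT" "$GOOD_CVSROOT"; do
    h=$(cvsroot_host "$root")
    if hardened_ssh_cmdline "$h" 'cvs server' >/dev/null; then
        printf 'CVSROOT %s: host %s accepted\n' "$root" "$h"
    else
        printf 'CVSROOT %s: host %s rejected\n' "$root" "$h"
    fi
done
```

The check is the same one the patched clients adopted in spirit: validate the host before it reaches ssh rather than relying on an option terminator, since not every `CVS_RSH`/`GIT_SSH` program accepts `--`.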