On Tue, Dec 30, 2014 at 08:13:08AM -0800, tony mancill wrote:
> On 12/30/2014 05:18 AM, Emmanuel Bourg wrote:
> > Here are the relevant commits to backport:
> >
> > Always ignore case when forbidding .git in ObjectChecker
> > https://github.com/eclipse/jgit/commit/07612a6
> >
> > Disallow ".git."
On 12/30/2014 05:18 AM, Emmanuel Bourg wrote:
> Here are the relevant commits to backport:
>
> Always ignore case when forbidding .git in ObjectChecker
> https://github.com/eclipse/jgit/commit/07612a6
>
> Disallow ".git." and ".git"
> https://github.com/eclipse/jgit/commit/10310bf
>
> Disallow W
Here are the relevant commits to backport:
Always ignore case when forbidding .git in ObjectChecker
https://github.com/eclipse/jgit/commit/07612a6
Disallow ".git." and ".git"
https://github.com/eclipse/jgit/commit/10310bf
Disallow Windows shortname "GIT~1"
https://github.com/eclipse/jgit/commit/
Source: jgit
Severity: important
Tags: security
jgit is also affected by the recent git vulnerability:
http://openwall.com/lists/oss-security/2014/12/18/21
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Con
4 matches
Mail list logo