On Wed, Jun 07, 2017 at 09:54:54PM +, Assaf Gordon wrote:
> Hello
>
> On Wed, Jun 07, 2017 at 04:39:59PM -0400, Leo Famulari wrote:
>
> > CVE-2017-8386 [0] was recently fixed for Git. This bug allows remote users
> > to bypass authentication restrictions in git-shell [...]
> > Does Savannah
Hello
On Wed, Jun 07, 2017 at 04:39:59PM -0400, Leo Famulari wrote:
CVE-2017-8386 [0] was recently fixed for Git. This bug allows remote users
to bypass authentication restrictions in git-shell
[...]
Does Savannah use git-shell? Has anybody looked into this yet?
Thank you for alerting us
Dear Savannah,
CVE-2017-8386 [0] was recently fixed for Git. This bug allows remote users
to bypass authentication restrictions in git-shell and possibly have
other impacts.
This bug was fixed in upstream Git maintenance releases Git v2.4.12,
v2.5.6, v2.6.7, v2.7.5, v2.8.5, v2.9.4, v2.10.3,
