*** This bug is a security vulnerability *** Public security bug reported:
A security bugfix was released today to Git: https://public- inbox.org/git/[email protected]/T/#u. Without it, cloning an attacker-controlled ssh:// URL (either directly or indirectly via submodules) leads to arbitrary code execution. ** Affects: git (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public Security ** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2017-1000117 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1710016 Title: Please update Git to get the fix to CVE-2017-1000117 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/git/+bug/1710016/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
