*** This bug is a security vulnerability ***
Public security bug reported:
A security bugfix was released today to Git: https://public-
Without it, cloning an attacker-controlled ssh:// URL (either directly
or indirectly via submodules) leads to arbitrary code execution.
** Affects: git (Ubuntu)
** Information type changed from Private Security to Public Security
** CVE added: https://cve.mitre.org/cgi-
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Please update Git to get the fix to CVE-2017-1000117
To manage notifications about this bug go to:
ubuntu-bugs mailing list