*** This bug is a security vulnerability ***

Public security bug reported:

A security bugfix was released today to Git: https://public-
inbox.org/git/xmqqh8xf482j....@gitster.mtv.corp.google.com/T/#u.

Without it, cloning an attacker-controlled ssh:// URL (either directly
or indirectly via submodules) leads to arbitrary code execution.

** Affects: git (Ubuntu)
     Importance: Undecided
         Status: New

** Information type changed from Private Security to Public Security

** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000117

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1710016

Title:
  Please update Git to get the fix to CVE-2017-1000117

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1710016/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to