[Bug 1719740] Re: [CVE] Git cvsserver OS Command Injection

Launchpad Bug Tracker Thu, 05 Oct 2017 05:06:31 -0700

This bug was fixed in the package git - 1:2.7.4-0ubuntu1.3

---------------
git (1:2.7.4-0ubuntu1.3) xenial-security; urgency=high


  * SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740)
    - shell-drop-git-cvsserver-support-by-default.diff
    - cvsserver-use-safe_pipe_capture.diff
    - cvsimport-shell-quote-variable-used-in-backticks.diff
    - archimport-use-safe_pipe_capture-for-user-input.diff
    - CVE-2017-14867

 -- Simon Quigley <[email protected]>  Tue, 03 Oct 2017 13:14:37 -0500

** Changed in: git (Ubuntu Xenial)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1719740

Title:
  [CVE] Git cvsserver OS Command Injection

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1719740/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1719740] Re: [CVE] Git cvsserver OS Command Injection

Reply via email to