git (1:2.1.4-2.1ubuntu0.1) vivid-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution issues via URLs
    - debian/diff/0011-CVE-2015-7545-1.patch: add a protocol-whitelist
      environment variable.
    - debian/diff/0012-CVE-2015-7545-2.patch: allow only certain protocols
      for submodule fetches.
    - debian/diff/0013-CVE-2015-7545-3.patch: refactor protocol whitelist
      code.
    - debian/diff/0014-CVE-2015-7545-4.patch: limit redirection to
      protocol-whitelist.
    - debian/diff/0015-CVE-2015-7545-5.patch: limit redirection depth.
    - debian/rules: make new tests executable.
    - CVE-2015-7545

Date: 2015-12-11 20:11:12.793968+00:00
Changed-By: Marc Deslauriers <[email protected]>
Signed-By: Ubuntu Archive Robot 
<[email protected]>
https://launchpad.net/ubuntu/+source/git/1:2.1.4-2.1ubuntu0.1
Sorry, changesfile not available.
-- 
Vivid-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/vivid-changes

Reply via email to