[ubuntu/wily-updates] git 1:2.5.0-1ubuntu0.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Dec 15 19:28:14 UTC 2015
git (1:2.5.0-1ubuntu0.1) wily-security; urgency=medium
* SECURITY UPDATE: arbitrary code execution issues via URLs
- debian/diff/0008-CVE-2015-7545-1.patch: add a protocol-whitelist
environment variable.
- debian/diff/0009-CVE-2015-7545-2.patch: allow only certain protocols
for submodule fetches.
- debian/diff/0010-CVE-2015-7545-3.patch: refactor protocol whitelist
code.
- debian/diff/0011-CVE-2015-7545-4.patch: limit redirection to
protocol-whitelist.
- debian/diff/0012-CVE-2015-7545-5.patch: limit redirection depth.
- debian/rules: make new tests executable.
- CVE-2015-7545
Date: 2015-12-11 19:00:14.902447+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/git/1:2.5.0-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Wily-changes
mailing list