[ubuntu/xenial-security] git 1:2.7.4-0ubuntu1.2 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Fri Aug 11 03:22:39 UTC 2017
git (1:2.7.4-0ubuntu1.2) xenial-security; urgency=medium
* SECURITY UPDATE: Arbitrary code execution on clients through
malicious ssh URLs.
- debian/patches/CVE-2017-1000117.patch: filter out hostnames that
would interpreted as cli arguments to ssh
- debian/diff/0002-transport-expose-git_tcp_connect-and-friends-in-new-t.diff:
update to adjust for changes from CVE-2017-1000117.patch.
- CVE-2017-1000117
Date: 2017-08-10 22:50:30.793121+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/git/1:2.7.4-0ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list