git 1:2.14.2-1 source package in Debian
Changelog
git (1:2.14.2-1) unstable; urgency=high
* new upstream point release (see RelNotes/2.14.1.txt). Among other
changes, this fixes a remote shell command execution vulnerability
via CVS protocol:
- git-shell: drop cvsserver support by default
- git-cvsserver: harden backtick captures against user input
Thanks to joernchen of Phenoelit for discovering, reporting, and
fixing this vulnerability, and to Junio C Hamano and Jeff King for
the fixes to related issues.
-- Jonathan Nieder <email address hidden> Mon, 25 Sep 2017 18:23:18 -0700
Upload details
- Uploaded by:
- Gerrit Pape
- Uploaded to:
- Sid
- Original maintainer:
- Gerrit Pape
- Architectures:
- any all
- Section:
- vcs
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| git_2.14.2-1.dsc | 2.8 KiB | 0fa137a90497970e94c05c3bccb5cb93d23a2fa27543456cb5db50c9492c45ce |
| git_2.14.2.orig.tar.xz | 4.6 MiB | 50e9723996114ad1eec4dda89960d9fe34461749ae42031008a261fedd03c7a1 |
| git_2.14.2-1.debian.tar.xz | 533.8 KiB | b150a25b6bde086fe4bb10ebe5f90f81e5c075d3fcd8aebe8ce50bdbf3ed5c3d |
No changes file available.
