git (1:1.9.1-1ubuntu0.6) trusty-security; urgency=medium * SECURITY UPDATE: Arbitrary code execution on clients through malicious ssh URLs. - debian/diff/0019-CVE-2017-1000117.patch: filter out hostnames that would interpreted as cli arguments to ssh - CVE-2017-1000117 -- Steve Beattie <email address hidden> Thu, 10 Aug 2017 16:36:33 -0700