[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Git 2.17.1 security update CVE-2018-{11234,11235}
From: |
Leo Famulari |
Subject: |
Git 2.17.1 security update CVE-2018-{11234,11235} |
Date: |
Tue, 29 May 2018 16:07:48 -0400 |
User-agent: |
Mutt/1.10.0 (2018-05-17) |
I just pushed commit b50196c3a4275bc51a614f6c1945b2272c595ab8 which
updates Git to 2.17.1, fixing some serious security vulnerabilities:
https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/
https://marc.info/?l=git&m=152761328506724&w=2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235
The summary is that a malicious Git remote can execute arbitrary code on
your machine when you clone from the remote, so please update ASAP.
signature.asc
Description: PGP signature
- Git 2.17.1 security update CVE-2018-{11234,11235},
Leo Famulari <=