[Secure-testing-team] Bug#876854: git: Git cvsserver OS Command Injection
Salvatore Bonaccorso
carnil at debian.org
Tue Sep 26 11:19:30 UTC 2017
Source: git
Version: 1:2.1.4-1
Severity: grave
Tags: security upstream
Justification: user security hole
Control: fixed -1 1:2.14.2-1
Control: fixed -1 1:2.11.0-3+deb9u2
Control: fixed -1 1:2.1.4-2.1+deb8u5
There is not CVE for tracking for this/those issues, so filling a
respective bug in the Debian BTS. It is already fixed in unstable.
http://www.openwall.com/lists/oss-security/2017/09/26/9
Regards,
Salvatore
More information about the Secure-testing-team
mailing list