Advisories ยป MGASA-2018-0395

Updated git packages fix security vulnerability

Publication date: 14 Oct 2018
Modification date: 14 Oct 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-17456

Description

joernchen of Phenoelit discovered that git is prone to an arbitrary code
execution vulnerability due to insufficient validation of submodule url
and path via a specially crafted .gitmodules file in a project cloned
with --recurse-submodules (CVE-2018-17456).
                

References

SRPMS

6/core