Updated git packages fix security vulnerability
Publication date: 14 Oct 2018Modification date: 14 Oct 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-17456
Description
joernchen of Phenoelit discovered that git is prone to an arbitrary code execution vulnerability due to insufficient validation of submodule url and path via a specially crafted .gitmodules file in a project cloned with --recurse-submodules (CVE-2018-17456).
References
SRPMS
6/core
- git-2.13.7-1.2.mga6