Updated git packages fix security vulnerability
Publication date: 16 Apr 2020Modification date: 16 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-5260
Description
With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol (CVE-2020-5260).
References
SRPMS
7/core
- git-2.21.2-1.mga7