This bug was fixed in the package git - 1:2.11.0-2ubuntu0.3
---
git (1:2.11.0-2ubuntu0.3) zesty-security; urgency=high
* SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740)
- shell-drop-git-cvsserver-support-by-default.diff
- cvsserver-use-safe_pipe_capture.di
This bug was fixed in the package git - 1:2.7.4-0ubuntu1.3
---
git (1:2.7.4-0ubuntu1.3) xenial-security; urgency=high
* SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740)
- shell-drop-git-cvsserver-support-by-default.diff
- cvsserver-use-safe_pipe_capture.dif
This bug was fixed in the package git - 1:1.9.1-1ubuntu0.7
---
git (1:1.9.1-1ubuntu0.7) trusty-security; urgency=high
* SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740)
- shell-drop-git-cvsserver-support-by-default.diff
- cvsserver-use-safe_pipe_capture.dif
This bug was fixed in the package git - 1:2.14.1-1ubuntu4
---
git (1:2.14.1-1ubuntu4) artful; urgency=high
* SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740)
- shell-drop-git-cvsserver-support-by-default.diff
- cvsserver-use-safe_pipe_capture.diff
- cvs
ACK on the zesty debdiff, thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1719740
Title:
[CVE] Git cvsserver OS Command Injection
To manage notifications about this bug go to:
https://bugs.la
Attached is a debdiff for Zesty applicable to 1:2.11.0-2ubuntu0.2. I
tested it in a LXD container and it works as intended with no apparent
regressions.
** Patch added: "1-2.11.0-2ubuntu0.3.debdiff"
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1719740/+attachment/4961735/+files/1-2.11.0-
** Changed in: git (Ubuntu Artful)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1719740
Title:
[CVE] Git cvsserver OS Command Injection
To manage notifi
OK, as pointed out on irc, commit
31add46823fe926e85efbfeab865e366018b33b4 does contain the three others.
Looks good, thanks!
Uploading now.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1719740
Tit
Hi Simon,
I think you're missing a few commits. Here is the list of commits Debian
has added:
http://repo.or.cz/git/debian.git/commit/ad86ba2e77a442db38510bcc5e5283872df49d88
Also, you don't need to change the patch headers, just leave the
original git commit headers there.
Thanks!
--
You rec
** Summary changed:
- [DSA 3984-1] Git cvsserver OS Command Injection
+ [CVE] Git cvsserver OS Command Injection
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1719740
Title:
[CVE] Git cvsserver OS
10 matches
Mail list logo
