USN-2835-1: Git vulnerability
15 December 2015
Git could be made to run programs as your login if it processed an untrusted repository.
- git - fast, scalable, distributed revision control system
Blake Burkhart discovered that the Git git-remote-ext helper incorrectly
handled recursive clones of git repositories. A remote attacker could
possibly use this issue to execute arbitrary code by injecting commands
via crafted URLs.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.