USN-3387-1: Git vulnerability
11 August 2017
Git could be made run programs as your login if it opened a specially crafted git repository.
- git - fast, scalable, distributed revision control system
Brian Neel, Joern Schneeweisz, and Jeff King discovered that Git did
not properly handle host names in 'ssh://' URLs. A remote attacker
could use this to construct a git repository that when accessed could
run arbitrary code with the privileges of the user.