Wednesday, October 10, 2018

Git Users Should Get To Updating Due To An Arbitrary Code Execution Vulnerability - Phoronix (blog)


Phoronix (blog)

Git Users Should Get To Updating Due To An Arbitrary Code Execution Vulnerability
Phoronix (blog)
Hamano explained, "When running "git clone --recurse-submodules", Git parses the supplied .gitmodules file for a URL field and blindly passes it as an argument to a "git clone" subprocess. If the URL field is set to a string that begins with a dash ...