Server : Apache/2.4.52 (Ubuntu) System : Linux webserver 6.8.0-49-generic #49~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Wed Nov 6 17:42:15 UTC 2 x86_64 User : www-data ( 33) PHP Version : 8.1.2-1ubuntu2.21 Disable Function : NONE Directory : /usr/share/doc/git/RelNotes/ |
Git v2.14.5 Release Notes ========================= This release is to address the recently reported CVE-2018-17456. Fixes since v2.14.4 ------------------- * Submodules' "URL"s come from the untrusted .gitmodules file, but we blindly gave it to "git clone" to clone submodules when "git clone --recurse-submodules" was used to clone a project that has such a submodule. The code has been hardened to reject such malformed URLs (e.g. one that begins with a dash). Credit for finding and fixing this vulnerability goes to joernchen and Jeff King, respectively.