ELA-1-1 git security update

arbitrary code execution vulnerability

2018-06-07
Packagegit
Version1:1.7.10.4-1+wheezy7
Related CVEs CVE-2018-11235

Etienne Stalmans discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability exploitable via specially crafted submodule names in a .gitmodules file.

For Debian 7 Wheezy, these problems have been fixed in version 1:1.7.10.4-1+wheezy7.

We recommend that you upgrade your git packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/