ubuntu-phone team mailing list archive
-
ubuntu-phone team
-
Mailing list archive
-
Message #10852
Re: Critical Git Vulnerability
I am pretty sure we do not ship a git client on the phone image.
So why did you add ubuntu-phone to the cc in your reply? The thread on
ubuntu-devel-discuss (where it belongs) seems have a useful conclusion
without needing to cross-post to unrelated lists. Appreciate the desire
to get it fixed, but you don't need to spam another list to garner more
support for doing so. It's already being fixed.
On Sun, 2014-12-21 at 08:32 -0800, Joshua Anderson wrote:
> It is a vulnerability on caps insensitive file systems, which mostly
> affects Windows and Mac OS X but can affect Linux too, depending on
> the filesystem used. It would be great to see this fixed.
>
> git is at:
>
> Vivid: 2.1.3
> Utopic: 2.1.0
> Trusty: 1.9.1
> Precise: 1.7.9
>
> -- Joshua Anderson
>
> On Dec 21, 2014 5:21 AM, "Colin Law" <clanlaw@xxxxxxxxx> wrote:
> On 21 December 2014 at 00:45, Alex Oh <alexoh86@xxxxxxxxx>
> wrote:
> >
> http://git-blame.blogspot.com.es/2014/12/git-1856-195-205-214-and-221-and.html
> >
> > There is a vulnerability with git pull. Would be great if
> the git package
> > can be updated to version 2.2.1.
>
> The link suggests it is only relevant on Win and OS X, or do I
> misinterpret it?
>
> Colin
>
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss@xxxxxxxxxxxxxxxx
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Follow ups
References