Web lists-archives.com

Re: [Announce] Git 2.14.5, 2.15.3, 2.16.5, 2.17.2, 2.18.1, and 2.19.1




Junio C Hamano <gitster@xxxxxxxxx> writes:

> These releases fix a security flaw (CVE-2018-17456), which allowed an
> attacker to execute arbitrary code by crafting a malicious .gitmodules
> file in a project cloned with --recurse-submodules.

The tarballs are found at:

    https://www.kernel.org/pub/software/scm/git/

The following public repositories all have a copy of these
tags:

  url = https://kernel.googlesource.com/pub/scm/git/git
  url = git://repo.or.cz/alt-git.git
  url = https://github.com/gitster/git