[Bug 1558293] Re: Git package is old, compromised
Seth Arnold
1558293 at bugs.launchpad.net
Wed Mar 16 22:55:36 UTC 2016
*** This bug is a duplicate of bug 1557787 ***
https://bugs.launchpad.net/bugs/1557787
** Information type changed from Private Security to Public Security
** This bug has been marked a duplicate of bug 1557787
client/server RCEs in path_name()
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to git in Ubuntu.
https://bugs.launchpad.net/bugs/1558293
Title:
Git package is old, compromised
Status in git package in Ubuntu:
New
Bug description:
$ apt-cache policy git
git:
Installed: (none)
Candidate: 1:2.5.0-1ubuntu0.1
Version table:
1:2.5.0-1ubuntu0.1 0
500 http://us.archive.ubuntu.com/ubuntu/ wily-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu/ wily-security/main amd64 Packages
1:2.5.0-1 0
500 http://us.archive.ubuntu.com/ubuntu/ wily/main amd64 Packages
http://www.openwall.com/lists/oss-security/2016/03/16/9 reports that
the security hole is fixed in 2.7.1, yet we are at 2.5.0!
I need git to be up-to-date. Please package and backport to LTS for
those running servers with a git-server.
ProblemType: Bug
DistroRelease: Ubuntu 15.10
Package: git (not installed)
ProcVersionSignature: Ubuntu 4.2.0-30.36-generic 4.2.8-ckt3
Uname: Linux 4.2.0-30-generic x86_64
ApportVersion: 2.19.1-0ubuntu5
Architecture: amd64
CurrentDesktop: KDE
Date: Wed Mar 16 14:58:50 2016
InstallationDate: Installed on 2015-08-11 (218 days ago)
InstallationMedia: It
SourcePackage: git
UpgradeStatus: Upgraded to wily on 2015-09-04 (194 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1558293/+subscriptions
More information about the foundations-bugs
mailing list