17 lines
511 B
Plaintext
17 lines
511 B
Plaintext
Git v2.17.6 Release Notes
|
|
=========================
|
|
|
|
This release addresses the security issues CVE-2021-21300.
|
|
|
|
Fixes since v2.17.5
|
|
-------------------
|
|
|
|
* CVE-2021-21300:
|
|
On case-insensitive file systems with support for symbolic links,
|
|
if Git is configured globally to apply delay-capable clean/smudge
|
|
filters (such as Git LFS), Git could be fooled into running
|
|
remote code during a clone.
|
|
|
|
Credit for finding and fixing this vulnerability goes to Matheus
|
|
Tavares, helped by Johannes Schindelin.
|