A vulnerability in Git might allow remote attackers to bypass security restrictions.
|Package||dev-vcs/git on all architectures|
|Affected versions||< 2.13.0|
|Unaffected versions||>= 2.13.0|
Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands.
A remote attacker could possibly bypass security restrictions and access sensitive information.
There is no known workaround at this time.
All Git users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-vcs/git-2.13.0"
June 06, 2017
June 06, 2017: 1