-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 02 Oct 2017 15:47:26 -0400 Source: git Binary: git git-man git-core git-doc git-arch git-cvs git-svn git-email git-daemon-run git-daemon-sysvinit git-gui gitk git-el gitweb git-all Architecture: source amd64 all Version: 1:1.7.10.4-1+wheezy6 Distribution: wheezy-security Urgency: high Maintainer: Gerrit Pape <pape@smarden.org> Changed-By: Antoine Beaupré <anarcat@debian.org> Description: git - fast, scalable, distributed revision control system git-all - fast, scalable, distributed revision control system (all subpacka git-arch - fast, scalable, distributed revision control system (arch interop git-core - fast, scalable, distributed revision control system (obsolete) git-cvs - fast, scalable, distributed revision control system (cvs interope git-daemon-run - fast, scalable, distributed revision control system (git-daemon s git-daemon-sysvinit - fast, scalable, distributed revision control system (git-daemon s git-doc - fast, scalable, distributed revision control system (documentatio git-el - fast, scalable, distributed revision control system (emacs suppor git-email - fast, scalable, distributed revision control system (email add-on git-gui - fast, scalable, distributed revision control system (GUI) git-man - fast, scalable, distributed revision control system (manual pages git-svn - fast, scalable, distributed revision control system (svn interope gitk - fast, scalable, distributed revision control system (revision tre gitweb - fast, scalable, distributed revision control system (web interfac Closes: 876854 Changes: git (1:1.7.10.4-1+wheezy6) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Security Team. * Fix CVE-2017-14867: Git uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support. (Closes: #876854) Checksums-Sha1: 912744c572992c0d51abd0a96d9ad59abdcda8f8 2647 git_1.7.10.4-1+wheezy6.dsc 4856017b7ee7171374beb7208026734289987263 524332 git_1.7.10.4-1+wheezy6.diff.gz 692d9fd310f560c56e61bf7f4e7e892edeed4040 6692664 git_1.7.10.4-1+wheezy6_amd64.deb 9e73c2cc379619e6d75c2016f327d7f99e75e20b 2265626 git-doc_1.7.10.4-1+wheezy6_all.deb 7058208f65b1212d9a456e176cdb5f4738e0e50d 465172 git-arch_1.7.10.4-1+wheezy6_all.deb f71b7134a99457447da07f4032d5531fd3e7da1e 533804 git-cvs_1.7.10.4-1+wheezy6_all.deb 46c5f15ba36a07a110ccc1082b29f05168ef8a07 520822 git-svn_1.7.10.4-1+wheezy6_all.deb b25e7b47e437acf9e1a770519ec184b1e9f1d243 451764 git-daemon-run_1.7.10.4-1+wheezy6_all.deb 5b1950698237b2de7bd7fdc7cb8502b5b3864698 453162 git-daemon-sysvinit_1.7.10.4-1+wheezy6_all.deb da2d262b158bf60eaaa4f899da40db877876ca71 470458 git-email_1.7.10.4-1+wheezy6_all.deb 38c2f4c6e1b605c3a6ba78c01ee6492e973275aa 731064 git-gui_1.7.10.4-1+wheezy6_all.deb 497a907e742deff1a9fe786a0ff50ab9262ded36 578424 gitk_1.7.10.4-1+wheezy6_all.deb e55fab5cb8302c7331aea65b99f9ab7a2de6aefb 454514 gitweb_1.7.10.4-1+wheezy6_all.deb aeb25062fe167f0cb96f2a3223448a6c386a26a0 450014 git-all_1.7.10.4-1+wheezy6_all.deb 1f956c1ded18fd34b3e736ed4d3359206026d665 1336 git-core_1.7.10.4-1+wheezy6_all.deb 1a60460aba3ae675e8d442855d6dcaaf5af639a6 473442 git-el_1.7.10.4-1+wheezy6_all.deb 4654d97f1a6cdafd1670136220eca14fff89ecbb 1075384 git-man_1.7.10.4-1+wheezy6_all.deb Checksums-Sha256: 8befb631b5fd5148a7de7ff6af0cf126d151e3054275beaf2e0c684c0deae64b 2647 git_1.7.10.4-1+wheezy6.dsc 983cf65f3e2aa609f54c53680f420c328b2f254a2b6227fa0677d103ff378aa6 524332 git_1.7.10.4-1+wheezy6.diff.gz 56c4f29bdab2fe3ff423d14dbd82b6ac0a7a0d78d74ca4372c7f82abc5beb135 6692664 git_1.7.10.4-1+wheezy6_amd64.deb 162e7f3dcbfc6886e1489a740038e1e3bb0a2cb4401bf4cb3968cff9532fea1b 2265626 git-doc_1.7.10.4-1+wheezy6_all.deb 308a9ae781bd572a87370db60c8393737f55fc6145c0b05608c458c2f1e29a16 465172 git-arch_1.7.10.4-1+wheezy6_all.deb c790afb523597b2669f7da73f42dbde342feadac4804a6a2063d0a62492fdac3 533804 git-cvs_1.7.10.4-1+wheezy6_all.deb 531627f24dae305e053dbac8345c42b33fc75d45ed75f61aff6c52c0cd45b45c 520822 git-svn_1.7.10.4-1+wheezy6_all.deb 951de998a252320a3f355e701ed24ec9f993e7681d9c90ebabbd31baf673340b 451764 git-daemon-run_1.7.10.4-1+wheezy6_all.deb 8223b458a05232f75586e2be87128e74b4a5650cd7fdb014dcdeba96f3adea00 453162 git-daemon-sysvinit_1.7.10.4-1+wheezy6_all.deb 009e11db742de3b7e4a532efae4f86d7aee986523a010ea1baf0f9ed8b15e53e 470458 git-email_1.7.10.4-1+wheezy6_all.deb 663512e4b6b5b431150e8c1aa3e5c10171a188e8a4f72af403988d094ca6ad2b 731064 git-gui_1.7.10.4-1+wheezy6_all.deb 71bad03805b9574383fa48b4ad621960258dc07b3406d50b941c13024c269386 578424 gitk_1.7.10.4-1+wheezy6_all.deb e54702d823c2c5a55e3224a6e8a6392e675c71fcc51afadacc3674a821562e6e 454514 gitweb_1.7.10.4-1+wheezy6_all.deb de149882a54fd0f05a5283b82c8717f1a1c181ec6bdcfcc91664019b9d1bccbb 450014 git-all_1.7.10.4-1+wheezy6_all.deb 908f48476d0c8e6dacb868ce290ed386461a044b78c12e824b57f2daa22d6f2d 1336 git-core_1.7.10.4-1+wheezy6_all.deb 09943172f07f917b15fc174b22ad753bacf39cbe701a5ef41d4edc2f86c33b1a 473442 git-el_1.7.10.4-1+wheezy6_all.deb 9233c0d7d9d047085bbec9aa9576934131472aaa87a3f3b0dcac905a127588e3 1075384 git-man_1.7.10.4-1+wheezy6_all.deb Files: 7eb8764521b36cfab48dc07157cb6107 2647 vcs optional git_1.7.10.4-1+wheezy6.dsc a2c30b5f957f41f5cb6e7247d72eab7e 524332 vcs optional git_1.7.10.4-1+wheezy6.diff.gz 686982ebccbf7ea240b69286a7275ea6 6692664 vcs optional git_1.7.10.4-1+wheezy6_amd64.deb 4cb94543ebfc128e0c05129c4d3f8135 2265626 doc optional git-doc_1.7.10.4-1+wheezy6_all.deb 5ce08b57c72517b0d8f1abeb084aee8d 465172 vcs optional git-arch_1.7.10.4-1+wheezy6_all.deb 838b9cec4f1dd6c01d45de57a57b8771 533804 vcs optional git-cvs_1.7.10.4-1+wheezy6_all.deb fad78ad1cbbb3eea30fa48afdf562132 520822 vcs optional git-svn_1.7.10.4-1+wheezy6_all.deb 9d4921d569aa31f2221883974cad29bc 451764 vcs optional git-daemon-run_1.7.10.4-1+wheezy6_all.deb 9305b1fedf39da3eb51de4c25f1246a6 453162 vcs extra git-daemon-sysvinit_1.7.10.4-1+wheezy6_all.deb 61b1d498ab1f2be2de74e6d2a8ce0b02 470458 vcs optional git-email_1.7.10.4-1+wheezy6_all.deb 4189af924e573046f5499b6d86e930cc 731064 vcs optional git-gui_1.7.10.4-1+wheezy6_all.deb 3ff0d2d2152fda8afae1a00dcd38234c 578424 vcs optional gitk_1.7.10.4-1+wheezy6_all.deb 1c02c97bfa8166637ec8fb206673559c 454514 vcs optional gitweb_1.7.10.4-1+wheezy6_all.deb 82c812e55205202ed24f3d148b933637 450014 vcs optional git-all_1.7.10.4-1+wheezy6_all.deb 4be6bb394ed804bcd45da9d012b767d9 1336 vcs optional git-core_1.7.10.4-1+wheezy6_all.deb ce37faa4dc196260322faf83fae14b60 473442 vcs optional git-el_1.7.10.4-1+wheezy6_all.deb 2738caa1a4d886a4798c4825a2236259 1075384 doc optional git-man_1.7.10.4-1+wheezy6_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEjckBzmQUbASK1Q+7eSFSUnt1kh4FAlnSp/UACgkQeSFSUnt1 kh4yOg//bFLHK/4b0hfj/+DQQtUZqIUk9l7uLgmo8fF1GcthsHrUi1y1h7qZNk2O ljSrq99cjo07Dl5yZWdjMLMgX1VIkS6UdhW2XvKr0LrnMeXHFTxJzL1qYhb1f5tI NKlfVldDvX350asWpHfOJnDgf02LapOR3XkM4LsSEv3LWxdFp8JF/mf9clTHKSi8 tDPjUJI6ozf8dzPl3eofHygGgo1OVKlWK20DySK7dWDS1kwU6q716flOE8gJgJa/ iqNu8Ebqxk2d7Lp/v288bTH0nN8iVuJeAO2I/QkA4myCsNjwRmbC2/1D42tdI1zD da+SrSbCVH7tCg1toFvQE9NeDI4WkhOwHVBEm/A4RTrygIfiAxu8FrG6a8CHteFJ WCB5qTM0oUAp4GalET6Ez9y/JWxPxmkAnijzVmt/w4S/bKzK1CAUUSPCQE3lUeBD exj2A/uCaJu8DKIxnvZ1QtxIkvdWqGSIscWdORickLKCXIm1ivUdxX/7i5a0CXS8 iaQsZavV36DZSiJ6hhYKlKJKnvVU49AHr9tZb/E4JaXbo+2TIfgbw37PnQERZOFA 3a9dx6UPHt6aIxXuRV/gqy11jIq0lkSuo7biUTR6YMWIeDbVs0EqvusMdEG7b86r 26d1vZZZ/LfT9kOrG+FJi3wLNk1j53sDZJCcu7cSj2G/XHkpQig= =Ckn8 -----END PGP SIGNATURE-----
