Closed Bug 1113394 Opened 10 years ago Closed 10 years ago

deploy git server update to mitigate CVE-2014-9390

Tracking

(Not tracked)

Status:

RESOLVED FIXED

People

(Reporter: hwine, Assigned: bkero)

References

Details

Hal Wine [:hwine] use NI!

Reporter

Description

•

10 years ago

2.2.1 addresses an RCE on windows & mac clients

http://article.gmane.org/gmane.linux.kernel/1853266 for announce. Packages not yet available.

Gregory Szorc [:gps]

Comment 1

•

10 years ago

We don't need a confidential bug for a released vuln (I think).

Group: mozilla-employee-confidential

Gregory Szorc [:gps]

Comment 2

•

10 years ago

We don't need 2.2.1. All the major Git branches received updates today. As talked about in #vcs, we should stay inside the current release branch and not cross version boundaries.

Summary: deploy git server update to 2.2.1 or later → deploy git server update to mitigate CVE-2014-9390

Ben Kero [:bkero]

Assignee

Comment 3

•

10 years ago

Built and deployed git 1.9.5 on git1 and git2.

Assignee: nobody → bkero

Status: NEW → RESOLVED

Closed: 10 years ago

Resolution: --- → FIXED

Ben Kero [:bkero]

Assignee

Comment 4

•

10 years ago

Additionally, 2.2.1 packages were built and put into mrepo, but not deployed.

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

deploy git server update to mitigate CVE-2014-9390

Categories

(Developer Services :: Git, defect)

Tracking

(Not tracked)

People

(Reporter: hwine, Assigned: bkero)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2

Comment 3

Comment 4