Closed
Bug 1113394
Opened 10 years ago
Closed 10 years ago
deploy git server update to mitigate CVE-2014-9390
Categories
(Developer Services :: Git, defect)
Developer Services
Git
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hwine, Assigned: bkero)
References
Details
2.2.1 addresses an RCE on windows & mac clients http://article.gmane.org/gmane.linux.kernel/1853266 for announce. Packages not yet available.
Comment 1•10 years ago
|
||
We don't need a confidential bug for a released vuln (I think).
Group: mozilla-employee-confidential
Comment 2•10 years ago
|
||
We don't need 2.2.1. All the major Git branches received updates today. As talked about in #vcs, we should stay inside the current release branch and not cross version boundaries.
Summary: deploy git server update to 2.2.1 or later → deploy git server update to mitigate CVE-2014-9390
Assignee | ||
Comment 3•10 years ago
|
||
Built and deployed git 1.9.5 on git1 and git2.
Assignee: nobody → bkero
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 4•10 years ago
|
||
Additionally, 2.2.1 packages were built and put into mrepo, but not deployed.
You need to log in
before you can comment on or make changes to this bug.
Description
•