Debian Wheezy: DLA-1144-1 Moderate: git-annex Remote Command Execution
debian lts
October 27, 2017
git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxy...
Topics Covered
Summary
We recommend that you upgrade your git-annex packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
<pre><font face="Courier">Package: git-annex
Version: 3.20120629+deb7u1
CVE ID: CVE-2017-12976
Debian Bug: 873088
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!