GLSA-201706-04 : Git: Security bypass
Medium Nessus Plugin ID 100647
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201706-04 (Git: Security bypass)
Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands.
A remote attacker could possibly bypass security restrictions and access sensitive information.
There is no known workaround at this time.
SolutionAll Git users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-vcs/git-2.13.0'