Scientific Linux Security Update : git on SL6.x i386/x86_64
Medium Nessus Plugin ID 102576
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A shell command injection flaw related to the handling of 'ssh' URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a 'clone' action on a malicious repository or a legitimate repository containing a malicious commit. (CVE-2017-1000117)
SolutionUpdate the affected packages.