openSUSE Security Update : git (openSUSE-2017-1115)
High Nessus Plugin ID 103622
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for git to version 2.13.6 fixes the following issues :
- CVE-2017-14867: Various Perl scripts did not use safe_pipe_capture() instead of backticks, leaving them susceptible to end-user input (boo#1061041)
As an additional measure, 'git cvsserver' no longer is invoked by 'git daemon' by default.
SolutionUpdate the affected git packages.