Slackware-14.2 ChangeLog (2018-10-10)

Wed Oct 10 23:09:36 UTC 2018

  • patches/packages/git-2.14.5-i586-1_slack14.2.txz
    This update fixes a security issue:
    Submodules' “URL“s come from the untrusted .gitmodules file, but we
    blindly gave it to “git clone” to clone submodules when “git clone
    –recurse-submodules” was used to clone a project that has such a
    submodule. The code has been hardened to reject such malformed URLs
    (e.g. one that begins with a dash). Credit for finding and fixing this
    vulnerability goes to joernchen and Jeff King, respectively.
    For more information, see:
    (* Security fix *)
  • news/2018/10/10/slackware-14.2-changelog.txt
  • Last modified: 4 years ago
  • by Giuseppe Di Terlizzi