Re: [Announce] Git 2.14.5, 2.15.3, 2.16.5, 2.17.2, 2.18.1, and 2.19.1

From: Junio C Hamano
Date: Fri Oct 05 2018 - 13:04:10 EST


Junio C Hamano <gitster@xxxxxxxxx> writes:

> These releases fix a security flaw (CVE-2018-17456), which allowed an
> attacker to execute arbitrary code by crafting a malicious .gitmodules
> file in a project cloned with --recurse-submodules.

The tarballs are found at:

https://www.kernel.org/pub/software/scm/git/

The following public repositories all have a copy of these
tags:

url = https://kernel.googlesource.com/pub/scm/git/git
url = git://repo.or.cz/alt-git.git
url = https://github.com/gitster/git