Update git. It has an RCE vulnerability

by Bill Sempf 30. May 2018 13:57

There is a new version of git, including for Windows, including VSTS, that you should move to immediately.

https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/

Turns out there is a remote code execution vuln in git at the "protocol" level and a malicious repo can really cause a mess.  Update right away.

This news brief brought to you by Application Security Weekly.  Now back to your regularly scheduled cat video.

 

He's so proud of his catch until he realizes...it's all a lie from r/aww

Tags:

Comments are closed

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList

Mastodon