Commit d0832b28 authored by Junio C Hamano's avatar Junio C Hamano

Git 2.14.5

Signed-off-by: default avatarJunio C Hamano <>
parent 273c6149
Git v2.14.5 Release Notes
This release is to address the recently reported CVE-2018-17456.
Fixes since v2.14.4
* Submodules' "URL"s come from the untrusted .gitmodules file, but
we blindly gave it to "git clone" to clone submodules when "git
clone --recurse-submodules" was used to clone a project that has
such a submodule. The code has been hardened to reject such
malformed URLs (e.g. one that begins with a dash).
Credit for finding and fixing this vulnerability goes to joernchen
and Jeff King, respectively.
\ No newline at end of file
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment