I've recently noticed a security update for git-core in Debian stable/testing/unstable, which fixes a denial of service bug in the git-daemon. Debian got the fix on Jul 25th.
Fedora 11 folks were even more responsive by releasing an update on Jun 23rd (!). How about Ubuntu I hear you asking. Guess what... no update so far. I bet the bug applies to Ubuntu as well: Jaunty uses git-core 1.6.0.4; for Debian sid it was fixed with version 1.6.3.3-1. Fedora users got git-1.6.2.5. Wake up, Ubuntu Security team!
No comments:
Post a Comment