This bug was fixed in the package git - 1:2.7.4-0ubuntu1.3
--------------- git (1:2.7.4-0ubuntu1.3) xenial-security; urgency=high
* SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740) - shell-drop-git-cvsserver-support-by-default.diff - cvsserver-use-safe_pipe_capture.diff - cvsimport-shell-quote-variable-used-in-backticks.diff - archimport-use-safe_pipe_capture-for-user-input.diff - CVE-2017-14867
-- Simon Quigley <email address hidden> Tue, 03 Oct 2017 13:14:37 -0500
This bug was fixed in the package git - 1:2.7.4-0ubuntu1.3
--------------- 4-0ubuntu1. 3) xenial-security; urgency=high
git (1:2.7.
* SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740) git-cvsserver- support- by-default. diff use-safe_ pipe_capture. diff shell-quote- variable- used-in- backticks. diff use-safe_ pipe_capture- for-user- input.diff
- shell-drop-
- cvsserver-
- cvsimport-
- archimport-
- CVE-2017-14867
-- Simon Quigley <email address hidden> Tue, 03 Oct 2017 13:14:37 -0500