[3.3] git: Escape out of git-shell (CVE-2017-8386)
A vulnerability was found in git concerning the git shell. A user who
comes over SSH could run an interactive pager by causing it to spawn
"git upload-pack --help".
Fixed In Version:
git 2.4.12, git 2.5.6, git 2.6.7, git 2.7.5, git 2.8.5, git 2.9.4, git 2.10.3, git 2.11.2, git 2.12.3
References:
https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
http://public-inbox.org/git/xmqq8tm5ziat.fsf@gitster.mtv.corp.google.com/
Patch:
https://kernel.googlesource.com/pub/scm/git/git/+/3ec804490a265f4c418a321428c12f3f18b7eff5
(from redmine: issue id 7371, created on 2017-06-01, closed on 2017-06-15)
- Changesets:
- Revision b19d4f7c on 2017-06-15T12:37:57Z:
main/git: security fixes #7371 (CVE-2017-8386)
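
The following check is an added example, not part of the original issue or the git project: it classifies a git version string against the "Fixed In Version" list above. The function name `git8386_status` and its output labels are hypothetical. Distribution packages may carry a backported patch, so the version string alone is not conclusive for them.

```shell
#!/bin/sh
# Added example: compare a git version with the fixed releases listed in this
# issue for CVE-2017-8386. Prints: fixed | vulnerable | not-listed | unparsable

# Fixed patch level per maintenance branch, copied from "Fixed In Version".
FIXED_LIST="2.4.12 2.5.6 2.6.7 2.7.5 2.8.5 2.9.4 2.10.3 2.11.2 2.12.3"

git8386_status() {
    v=${1#git version }      # accept the raw output of `git --version`
    v=${v%%[!0-9.]*}         # drop suffixes such as "-r0" or "(Apple Git-...)"

    # Split MAJOR.MINOR.PATCH on dots (only this function's arguments change).
    old_ifs=$IFS; IFS=.
    set -- $v
    IFS=$old_ifs
    major=${1:-}; minor=${2:-}; patch=${3:-0}

    if [ -z "$major" ] || [ -z "$minor" ]; then
        echo unparsable; return 2
    fi

    for f in $FIXED_LIST; do
        # ${f%.*} is the branch (e.g. 2.11), ${f##*.} its first fixed patch level.
        if [ "$major.$minor" = "${f%.*}" ]; then
            if [ "$patch" -ge "${f##*.}" ]; then
                echo fixed; return 0
            fi
            echo vulnerable; return 1
        fi
    done

    # Branch is older or newer than anything this issue lists: the page gives
    # no answer, so report that instead of guessing.
    echo not-listed; return 3
}

# Usage: sh check.sh "$(git --version)"
if [ "$#" -gt 0 ]; then
    git8386_status "$1"
fi
```

A `not-listed` result means the branch falls outside the releases named in this issue and has to be checked against the upstream announcement linked under References.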