Home My Page Projects Site Admin
Summary Activity Tracker Lists Docs News SCM

Forum: git client vulnerability on windows and mac

Posted by: Matthieu Imbert
Date: 2015-01-06 12:34
Summary: git client vulnerability on windows and mac
Project: Site Admin

Content:

Windows and Mac users should check the versions of their git clients, as security issue CVE-2014-9390 was recently discovered.

It affects git and mercurial clients on case-insensitive filesystems (most commonly windows and mac).

See http://security.stackexchange.com/questions/76588/how-does-cve-2014-9390-affect-me for an explanation.

To put things into perspective, the impact of this security issue is actually quite low since cloning from a git/mercurial repository is usually followed by executing a makefile, so in any case, code is executed, this vulnerability only changes the time of execution.

We have conducted an audit of all git repositories on the inria forge, there is currently no repository with suspicious case conflicting .git repositories versionned.
Latest News

git-annex available on the forge

Matthieu Imbert - 2017-07-04 13:39 -

Forge maintenance on 2017/04/04 at 9:00 (30 min)

Charles DELTEL - 2017-04-03 09:38 -

Taskboard plugin desactivated

Charles DELTEL - 2017-03-09 10:38 -

general inria forge performance issues

Charles DELTEL - 2016-02-04 11:40 -

Group the projects of your team

Sylvain Beucler - 2015-11-16 16:32 -
Monitor Forum | Start New Thread Start New Thread
Topic Topic Starter Replies Last Post
Welcome to git-client-vulnerability-on-windows-and-macMatthieu Imbert02015-01-06 12:34