Bug ID 910756
Summary CVE-2014-9390: git: arbitrary command execution vulnerability on case-insensitive file systems
Classification openSUSE
Product openSUSE Distribution
Version 13.2
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter Andreas.Stieger@gmx.de
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

From http://article.gmane.org/gmane.linux.kernel/1853266

> This is a security-fix for CVE-2014-9390, which affects users on
> Windows and Mac OS X but not typical UNIX users.  A set of new
> releases for older maintenance tracks (v1.8.5.6, v1.9.5, v2.0.5, and
> v2.1.4) are published at the same time and they contain the same fix.
> Various implementations and ports, including Git for Windows, Git OS
> X installer, JGit & EGit, libgit2 (and Visual Studio which uses it)
> have been updated at the same time.
> 
> Even though the issue may not affect Linux users, if you are a
> hosting service whose users may fetch from your service to Windows
> or Mac OS X machines, you are strongly encouraged to update to
> protect such users who use existing versions of Git.

Not directly affected, but updates to 1.8.5.6, 1.9.5, 2.0.5, 2.1.4, 2.2.1
should be advised.

You are receiving this mail because: