[openstack-dev] Git client vulnerability
kragniz at gmail.com
Fri Dec 19 13:34:06 UTC 2014
On Fri, Dec 19, 2014 at 01:19:48PM +0000, Jeremy Stanley wrote:
> Please re-read that advisory. GitHub's _servers_ were not
> affected as this is a client-side vulnerability. What GitHub did was
> release fixed versions of their "GitHub for Windows" and "GitHub for
> Mac" _client_ tools.
Github's servers were patched such that is is now not possible to host a
malicious repository on github servers, and attempts to push one will be
rejected. This is mentioned in the advisory.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: Digital signature
More information about the OpenStack-dev