FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Git -- Execute arbitrary code

Affected packages
git < 2.6.1
git-gui < 2.6.1
git-lite < 2.6.1
git-subversion < 2.6.1


VuXML ID 7f645ee5-7681-11e5-8519-005056ac623e
Discovery 2015-09-23
Entry 2015-10-19
Modified 2015-12-12

Git release notes:

Some protocols (like git-remote-ext) can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources (e.g., .gitmodules files in a remote repository), and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to well known and safe ones.


CVE Name CVE-2015-7545