Linux News Today: Git Vulnerability Founds and Fixed in All Supported Ubuntu OSes
A Git vulnerability has been identified and repaired in Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems.
Git is the famous distributed revision control system, and it’s in the hands of millions of people every day. It’s an incredible tool and a lot of faith is put into it. Any kind of vulnerability that found in Git needs to ble closed and that’s exactly what’s happened. This is the kind of patch that usually ends up in multiple distros, not just Ubuntu.
“Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs.” said the maintainers in the security notification.
For a more detailed description of the issues, you can see Canonical’s security notification. Users should upgrade their Linux distribution in order to correct this issue. The vulnerability can be fixed if you upgrade your system(s) to the latest git package specific to each distribution. To apply the patch, users can simply run the Update Manager application.
If you don’t want to use the Software Updater, you can open a terminal and enter the following commands (you will need to be root):
sudo apt-get update
sudo apt-get dist-upgrade
Since this is not a core package, users won’t have to reboot the system.