Am 16.08.2017 um 16:29 schrieb Herbert Chang:
hi centos community,
as many of you probably have been following along, a few days ago CVE 2017-1000117 https://bugzilla.redhat.com/show_bug.cgi?id=1480386 was identified and redhat was prompt to release patches to fedora 25/26. I haven't seen any chatter thus far from CentOS, so was wondering if anyone knew the status of the patches landing in CentOS, and more specifically, for CentOS 6 and git 1.7.x that's currently latest in the repos.
thanks! Herbert
Red Hat has a CVE database. For the issue see
https://access.redhat.com/security/cve/cve-2017-1000117
Red Hat just today has released a new git package for RHEL 6 + 7, RHSA-2017:2485 and RHSA-2017:2484. The CentOS update packages will for sure pop up on the mirrors in near future.
Alexander