Am 16.08.2017 um 16:29 schrieb Herbert Chang: > hi centos community, > > as many of you probably have been following along, a few days ago CVE > 2017-1000117 <https://bugzilla.redhat.com/show_bug.cgi?id=1480386> was > identified and redhat was prompt to release patches to fedora 25/26. I > haven't seen any chatter thus far from CentOS, so was wondering if anyone > knew the status of the patches landing in CentOS, and more specifically, > for CentOS 6 and git 1.7.x that's currently latest in the repos. > > thanks! > Herbert Red Hat has a CVE database. For the issue see https://access.redhat.com/security/cve/cve-2017-1000117 Red Hat just today has released a new git package for RHEL 6 + 7, RHSA-2017:2485 and RHSA-2017:2484. The CentOS update packages will for sure pop up on the mirrors in near future. Alexander