Matt Mackall and Augie Fackler discovered that Git incorrectly handled certain filesystem paths. A remote attacker could possibly use this issue to execute arbitrary code if the Git tree is stored in an HFS+ or NTFS filesystem. The remote attacker would need write access to a Git repository that the victim pulls from.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "git", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-all", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-arch", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-bzr", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-core", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-cvs", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-daemon-run", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-doc", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-el", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-email", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-gui", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-man", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-mediawiki", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "git-svn", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "gitk", "binary_version": "1:1.9.1-1ubuntu0.1" }, { "binary_name": "gitweb", "binary_version": "1:1.9.1-1ubuntu0.1" } ] }