Saturday, October 6, 2018

GitHub fixes security flaw that allowed arbitrary code execution, Windows unaffected - Neowin


Neowin

GitHub fixes security flaw that allowed arbitrary code execution, Windows unaffected
Neowin
When running "git clone --recurse-submodules", Git parses the supplied .gitmodules file for a URL field and blindly passes it as an argument to a "git clone" subprocess. If the URL field is set to a string that begins with a dash, this "git clone ...

and more »