Git -- Execute arbitrary code

ID 7F645EE5-7681-11E5-8519-005056AC623E
Type freebsd
Reporter FreeBSD
Modified 2015-12-12T00:00:00


Git release notes:

Some protocols (like git-remote-ext) can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources (e.g., .gitmodules files in a remote repository), and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to well known and safe ones.