Any updates on CVE-2018-1000021
Hi,
I'd like to ask if there's any update on the git-vulnerability CVE-2018-100002. According to the description on both the tracker and the NVD it has been fixed since Version 2.15.1, but the security trackers of both Debian and Ubuntu still list it as vulnerable on all Versions, up to 1:2.40.1-1. I'm pretty sure that's wrong. Is that a problem that has been kept in the application for legacy-reasons or something that has been fixed upstream, copied, but not marked as fixed in the tracker? The last update on the linked bug-report (889680) is from 2018 and appears to be spam.
Thanks in advance
Leos
Attachment:
publickey - EmailAddress(s=leos@sklw.de) - 0x49C909DA.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
Reply to: