[SECURITY] [DLA 938-1] git security update

[Markus Koschany <apo@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : git
Version        : 1:1.7.10.4-1+wheezy4
CVE ID         : CVE-2017-8386

Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted
login shell for Git-only SSH access, allows a user to run an interactive
pager by causing it to spawn "git upload-pack --help".

For Debian 7 "Wheezy", these problems have been fixed in version
1:1.7.10.4-1+wheezy4.

We recommend that you upgrade your git packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlkTcFFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeT/jhAAshpG+D7BC+Fj+ujVMebrHt1XeU1B1Rk8VR8JLOEqJeUYQRKFHCsQGQ95
4hhq4p2v0OTbmvwobOagLGiF4xAvUEfEr0mldXTsPgPu4AHhvSNk9AXkdefv4qk4
CqC/nqc8SVDBC88Hkajuuq1B55VyTkZHQsiX71mt04a2dFPuHUiBw2J3xOwfJ0EK
x09Eb0jCrPr+5axDe3sTl0TwVEtd/5JLjSD7U37xTBY6gl0C244o3ZsRyF+B2wB6
hQTXDjDcumOR32Hu5Mz2ZBdRNUzR1rOHQOXHRQq9n7dW+c7d3FHJ+ptWB0fAR9H5
HxLsFSIbxswDXnbcSdqGHjxQ84Sy3h0UmzBi4QpdPxBa2wYOirV2cDpS+56Tx+uS
LAQ9qxxjxR8OCklFh2fXJ/ip2FZI9BfOygP759I+ZyATUc/tfg8zZ5IhTsEoGPu6
EZwJ/sHx7l2NXFjhNfcA2ltjzd9uFlymCCa/zoA8QY/pNz5A6OPMbgCyvB+3zXWf
/LJ/my86ggpjGN16YjuwCn7VF7B4WHWe/I+q9Y2iDFCBHZYYFVF5WZaUgiR7IPdx
V3NorS0t3OJpNRIVa2xqfySR4FKievLfw6OV5tlORMM5gouYAFQ0OKufQUiS4VFt
5GMjD7bFF9Fxy334s5hraa7wB79l8XytpSMC92QAPAdkZqp6K4E=
=l9d7
-----END PGP SIGNATURE-----