[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advice regarding CVE-2017-15298 for git

Am Sun, 15 Oct 2017 14:15:31 +0200
schrieb Ola Lundqvist <ola@inguza.com>:

> Hi fellow LTS maintainers
> I have looked into CVE-2017-15298 for git. The vulnerability is that
> if you try to clone a crafted repo it may use very lot of memory.
> I'm not convinced that this is a vulnerability that we should spend
> time on. I mean the worst thing is that you have to press Ctrl-C to
> make it stop and then do not use that repo anymore.
> Or do you have another opinion?

What happens, if people use a cronjob to run git?

> Best regards
> // Ola

Reply to: