Re: Advice regarding CVE-2017-15298 for git
Am Sun, 15 Oct 2017 14:15:31 +0200
schrieb Ola Lundqvist <firstname.lastname@example.org>:
> Hi fellow LTS maintainers
> I have looked into CVE-2017-15298 for git. The vulnerability is that
> if you try to clone a crafted repo it may use very lot of memory.
> I'm not convinced that this is a vulnerability that we should spend
> time on. I mean the worst thing is that you have to press Ctrl-C to
> make it stop and then do not use that repo anymore.
> Or do you have another opinion?
What happens, if people use a cronjob to run git?
> Best regards
> // Ola