Debian LTS Advisory ([SECURITY] [DLA 2059-1] git security update)

The remote host is missing an update for the 'git' package(s) announced via the DSA-2059-1 advisory.

Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths. CVE-2019-1387 It was discovered that submodule names are not validated strictly enough, allowing very targeted attacks via remote code execution when performing recursive clones. In addition this update addresses a number of security issues which are only an issue if git is operating on an NTFS filesystem (CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353).

'git' package(s) on Debian Linux.

Checks if a vulnerable package version is present on the target host.

For Debian 8 'Jessie', these problems have been fixed in version 1:2.1.4-2.1+deb8u8. We recommend that you upgrade your git packages.