git-annex/doc/bugs/git_security_fix.mdwn

git had some remotely exploitable security holes announced recently
(CVE-2016-2324, CVE-2016-2315)

git-annex builds that bundle git need to be updated.

status of autobuilds:

* Linux is fixed (all builds)
* OSX pending (host is moving)
* Windows does not bundle git
* Android is fixed (git build is untested)

status of released builds:

* Linux is fixed (all builds)
* OSX is **vulnerable**
* Windows does not bundle git
* Android is fixed (git build is untested)
tracking bug 2016-03-18 03:08:39 +00:00			`git had some remotely exploitable security holes announced recently`
			`(CVE-2016-2324, CVE-2016-2315)`

			`git-annex builds that bundle git need to be updated.`

			`status of autobuilds:`

			`* Linux is fixed (all builds)`
update 2016-03-18 15:28:11 +00:00			`* OSX pending (host is moving)`
update 2016-03-18 15:46:03 +00:00			`* Windows does not bundle git`
tracking bug 2016-03-18 03:08:39 +00:00			`* Android is fixed (git build is untested)`

			`status of released builds:`

update 2016-03-18 15:28:11 +00:00			`* Linux is fixed (all builds)`
update 2016-03-18 15:46:03 +00:00			`* OSX is vulnerable`
			`* Windows does not bundle git`
update 2016-03-18 15:28:11 +00:00			`* Android is fixed (git build is untested)`