mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

add upgrade note

Browse source
This commit is contained in:
Joey Hess 2018-06-21 18:16:44 -04:00
parent fff1825f13
commit 9faef71650
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
doc/security/CVE-2018-10857_and_CVE-2018-10859.mdwn
View file

@ -9,7 +9,8 @@ key. This attack could be used to expose encrypted data that was never
stored in git-annex. Daniel Dent discovered this attack in collaboration stored in git-annex. Daniel Dent discovered this attack in collaboration
with Joey Hess. with Joey Hess.
These security holes were fixed in git-annex 6.20180626. These security holes were fixed in git-annex 6.20180626. After upgrading
git-annex, you should restart any git-annex assistant processes.
Also, some external special remotes (plugins) were improved, as a second Also, some external special remotes (plugins) were improved, as a second
line of defense against CVE-2018-10857: line of defense against CVE-2018-10857: