Thread of 2 posts
jump to replies
joernchen 
(open profile)
Happy Valentine's Day!
I've got a little something for you all right here https://github.com/git/git/security/advisories/GHSA-r87m-v37r-cwfh
๐ Patch your Gits ๐
joernchen
(open profile)
And while we're at it:
Roses are red
violets are blue
RCE is bad
We've got a patch for you โฅ๏ธ
A.k.a. patch your GitLabs
6 replies
back to top
@joern Beautiful, if the fixing patch would actually be a PoC exploit for said bug :D
joernchen
(open profile)
@ljrk LOL yeah. IIRC the tests give away the exploit.
joernchen
(open profile)
@ljrk reminds me of
https://seclists.org/fulldisclosure/2013/Oct/att-272/whatsup.txt
section Example ;)
@joern Ooh, I like this!
@joern great bug!
@joern signal boost! Be careful out there! #git #vulnerability