Previous versions of git mishandled layers of tree objects, which allowed remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2017-cdfd888e2e
Please login to add feedback.
This update has been submitted for testing by tmz.
This update has been pushed to testing.
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for batched by tmz.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.