Per the upstream release announcement¹, this release fixes "various security flaws, which allowed an attacker to overwrite arbitrary paths, remotely execute code, and/or overwrite files in the .git/ directory etc. See the release notes attached for the list for their descriptions and CVE identifiers."
Refer to the 2.14.6 release notes² for details on these vulnerabilities.
sudo dnf upgrade --advisory=FEDORA-2019-1cec196e20
Please login to add feedback.