Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » EGit / JGit » What is the action for CVE 2018-11234 and CVE 2018-11235?(Vulnerability for Git with repos containing sub-modules)
What is the action for CVE 2018-11234 and CVE 2018-11235? [message #1788556] Wed, 30 May 2018 18:39 Go to next message
Andy Chapman is currently offline Andy ChapmanFriend
Messages: 4
Registered: July 2009
Junior Member
Is there a fix version of eGit or a way to link to a patched Git version installed outside eGit?

Useful links:
https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/
https://www.edwardthomson.com/blog/upgrading_git_for_cve2018_11235.html

Report message to a moderator

Re: What is the action for CVE 2018-11234 and CVE 2018-11235? [message #1788634 is a reply to message #1788556] Wed, 30 May 2018 19:17 Go to previous messageGo to next message
Matthias Sohn is currently offline Matthias SohnFriend
Messages: 1268
Registered: July 2009
Senior Member
JGit and EGit which is based on JGit (not native git) are not affected by this vulnerability.
See https://bugs.eclipse.org/bugs/show_bug.cgi?id=535027

Report message to a moderator

Re: What is the action for CVE 2018-11234 and CVE 2018-11235? [message #1788705 is a reply to message #1788634] Wed, 30 May 2018 19:51 Go to previous message
Andy Chapman is currently offline Andy ChapmanFriend
Messages: 4
Registered: July 2009
Junior Member
Thanks.

Report message to a moderator

Previous Topic:Eclipse EGIT plugin install Missing Requirement required items could not be found
Next Topic:JGit PUSH only Single File
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Apr 26 22:29:35 GMT 2024

Powered by FUDForum. Page generated in 0.03316 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly