Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jgit-dev] Security fix for CVE-2023-4759

The vulnerability CVE-2023-4759 "Arbitrary File Overwrite in Eclipse JGit <= 6.6.0" was fixed in JGit and EGit and

If you are using JGit with non-bare repositories on a case-insensitive filesystem you should update asap.
Setting core.symlinks=false in the global git config avoids the problem.
Kudos to Ryota K for finding and reporting this issue.


Back to the top