CVE-2017-12976 in Ubuntu

CVE-2017-12976

Priority

Description

git-annex before 6.20170818 allows remote attackers to execute arbitrary
commands via an ssh URL with an initial dash character in the hostname, as
demonstrated by an ssh://-eProxyCommand= URL, a related issue to
CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12976
http://source.git-annex.branchable.com/?p=source.git;a=commit;h=df11e54788b254efebb4898b474de11ae8d3b471
http://source.git-annex.branchable.com/?p=source.git;a=commit;h=c24d0f0e8984576654e2be149005bc884fe0403a
http://source.git-annex.branchable.com/?p=source.git;a=blob;f=doc/bugs/dashed_ssh_hostname_security_hole.mdwn

Notes

seth-arnold

security-fake-sync fails with "Original tarballs differ. Aborting"

Package

Source: git-annex (LP Ubuntu Debian)

Upstream:	released (6.20170818-1)
Ubuntu 18.04 LTS:	not-affected (6.20170818-1)
Ubuntu 20.04 LTS:	not-affected (6.20170818-1)
Ubuntu 21.10:	not-affected (6.20170818-1)
Ubuntu 22.04 LTS:	not-affected (6.20170818-1)
Ubuntu 14.04 ESM:	DNE (trusty was needed)

Patches:

More Information

Updated: 2022-04-25 00:19:13 UTC (commit ecc1009cb19540b950de59270950018900f37f15)