CVE-2017-12976

author: Joey Hess <joeyh@joeyh.name> 2017-08-20 16:50:53 -0400
committer: Joey Hess <joeyh@joeyh.name> 2017-08-20 16:50:53 -0400
commit: 513ee1060c288e58a010018413e3d7c1c328cb35 (patch)
tree: 62d7e9c883f3f8e17f8c0c76ee28ca62c53b1bfa /CHANGELOG
parent: 9f0fff3afdb530829b576e6d2d85e8deddfb71ff (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 0c0f5631f..05f13456f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,7 @@ git-annex (6.20170818) unstable; urgency=high
     would get passed to ssh and be treated an option. This could
     be used by an attacker who provides a crafted repository url
     to cause the victim to execute arbitrary code via -oProxyCommand.
+    CVE-2017-12976
     (The same class of security hole recently affected git itself.)
   * git-annex.cabal: Deal with breaking changes in Cabal 2.0.
   * Fix build with QuickCheck 2.10.
author	Joey Hess <joeyh@joeyh.name>	2017-08-20 16:50:53 -0400
committer	Joey Hess <joeyh@joeyh.name>	2017-08-20 16:50:53 -0400
commit	513ee1060c288e58a010018413e3d7c1c328cb35 (patch)
tree	62d7e9c883f3f8e17f8c0c76ee28ca62c53b1bfa /CHANGELOG
parent	9f0fff3afdb530829b576e6d2d85e8deddfb71ff (diff)