Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
gitutils: add validation for ref (CVE-2019-13139) #38944
From a fix that @tonistiigi created, this PR adds validation for git ref so it can't be misinterpreted as a flag.
Thanks to @staaldraad for pointing this issue out originally.
@@ Coverage Diff @@ ## master #38944 +/- ## ========================================= Coverage ? 36.9% ========================================= Files ? 614 Lines ? 45404 Branches ? 0 ========================================= Hits ? 16757 Misses ? 26357 Partials ? 2290
Mar 27, 2019
9 checks passed
@staaldraad thanks! I got notified of the CVE, so updated the titles of all the related PR's to include it
We should probably update the release notes as well; https://github.com/docker/docker.github.io/blob/master/engine/release-notes.md#18094
Let me know if you're interested in opening a pull request in that repository, or if you want me to do so