Jan: It’s not special. As a rule, stable releases almost never get version bumps outside of a handful of prominent packages that can’t be supported securely any other way (e.g. Firefox). Instead, individual security patches are backported. https://wiki.ubuntu.com/StableReleaseUpdates
git 2.7.4-0ubuntu1.4 in xenial-security has the security fix. If you want 2.17.1 in xenial, use the PPA (https://launchpad.net/~git- core/+archive/ubuntu/ppa). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1774061 Title: git: CVE-2018-11235 arbitary code execution via submodule names in .gitmodules To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/git/+bug/1774061/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
