Security fix for CVE-2021-21300
A specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS. Note that clean/smudge filters have to be configured in advance, in the system-wide or global user configuration for this bug to be exploited.
This issue does not affect Fedora in default configurations.
For further details, please refer to the upstream advisory.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2021-03e61a6647
Please login to add feedback.
This update has been submitted for testing by tmz.
This update's test gating status has been changed to 'ignored'.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by tmz.
This update has been pushed to stable.