Post: [Gitoxide October] The first security issue and usable `gix status` (CLI)
Link: https://azorius.net/c/4DhtRB1WbJvCLJwS5M
Nice to see progress on this! Having independent git-compatible implementations is good.
By the way, the "ssh --" issue has prior art:
CVE-2017-9800 (Subversion) CVE-2017-12426 (GitLab) CVE-2017-1000116 (Mercurial (hg)) CVE-2017-1000117 (Git)
https://subversion.apache.org/security/CVE-2017-9800-advisory.txt
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html
https://wiki.mercurial-scm.org/WhatsNew/Archive#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29
Nice to see progress on this! Having independent git-compatible implementations is good.
By the way, the "ssh --" issue has prior art:
CVE-2017-9800 (Subversion)
CVE-2017-12426 (GitLab)
CVE-2017-1000116 (Mercurial (hg))
CVE-2017-1000117 (Git)
https://subversion.apache.org/security/CVE-2017-9800-advisory.txt
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html
https://wiki.mercurial-scm.org/WhatsNew/Archive#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29