Friday, 30 January 2015

Xcode's git still vulnerable (CVE-2014-9390)? What's the best practice here?



In December everyone and his grandmother were talking about CVE-2014-9390 and we were all busy installing the git maintenance releases.


Looking at my Xcode installation today - 41 days later - I still see a version 1.9.3 (Apple Git-50) from October lurking in /Applications/http://ift.tt/1bfjE1z.


Apple did update git in Xcode 6.2 beta 3. But apparently they didn't bother updating their current "golden master build".


So, if you are using Xcode's built-in git services, you are still working with a vulnerable version. What is the recommended approach in this situation? Delete the file?




