Comment 6 for bug 1713690

This bug was fixed in the package git - 1:2.17.1-1ubuntu0.3

---------------
git (1:2.17.1-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via submodule URLs and
    paths in .gitsubmodules.
    - 0001-submodule-helper-use-to-signal-end-of-clone-options.patch,
      0002-submodule-config-ban-submodule-urls-that-start-with-.patch,
      0003-submodule-config-ban-submodule-paths-that-start-with.patch:
      disallow urls and files that begin with '--'.
    - 0004-fsck-detect-submodule-urls-starting-with-dash.patch,
      0005-fsck-detect-submodule-paths-starting-with-dash.patch:
      reject gitmodules that contain submdule urls and files that begin
      with '--'.
    - CVE-2018-17456

git (1:2.17.1-1ubuntu0.2) bionic; urgency=medium

  * Build diff-highlight in the contrib dir (closes: #868871, LP: #1713690)

 -- Steve Beattie <email address hidden> Fri, 05 Oct 2018 16:27:58 -0700