Closed zhangyuan closed 5 years ago
Checked on 18.10 and it's not vulnerable to this. So, closing:
$ docker run -it --rm=true gocd/gocd-agent-centos-7:v18.10.0 bash
$ exec bash
[root@09ba39fc3e94 /]# (git init test && cd test && git update-index --add --cacheinfo 120000 e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 .gitmodules)
Initialized empty Git repository in /test/.git/
error: Invalid path '.gitmodules'
fatal: git update-index: --cacheinfo cannot add .gitmodules
That check is from https://www.edwardthomson.com/blog/upgrading_git_for_cve2018_11235.html
Currently the docker image is using an old version of git as follows:
see https://www.edwardthomson.com/blog/upgrading_git_for_cve2018_11235.html
Please upgrade git. Thanks.