Software: nginx/1.23.4. PHP/5.6.40-65+ubuntu20.04.1+deb.sury.org+1 

uname -a: Linux foro-restaurado-2 5.15.0-1040-oracle #46-Ubuntu SMP Fri Jul 14 21:47:21 UTC 2023
aarch64 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/usr/share/doc/git/RelNotes/   drwxr-xr-x
Free 83.38 GB of 96.73 GB (86.2%)
                            Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    

Viewing file:     2.7.6.txt (951 B)      -rw-r--r--

Git v2.7.6 Release Notes
========================

Fixes since v2.7.5
------------------

 * A "ssh://..." URL can result in a "ssh" command line with a
   hostname that begins with a dash "-", which would cause the "ssh"
   command to instead (mis)treat it as an option.  This is now
   prevented by forbidding such a hostname (which will not be
   necessary in the real world).

 * Similarly, when GIT_PROXY_COMMAND is configured, the command is
   run with host and port that are parsed out from "ssh://..." URL;
   a poorly written GIT_PROXY_COMMAND could be tricked into treating
   a string that begins with a dash "-".  This is now prevented by
   forbidding such a hostname and port number (again, which will not
   be necessary in the real world).

 * In the same spirit, a repository name that begins with a dash "-"
   is also forbidden now.

Credits go to Brian Neel at GitLab, Joern Schneeweisz of Recurity
Labs and Jeff King at GitHub.