An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. For the stable distribution (bullseye), this problem has been fixed in version 3.1.2-3+deb11u1. We recommend that you upgrade your fish packages. For the detailed security status of fish please refer to its security tracker page at: https://security-tracker.debian.org/tracker/fish
An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands.
For the stable distribution (bullseye), this problem has been fixed in version 3.1.2-3+deb11u1.
We recommend that you upgrade your fish packages.
For the detailed security status of fish please refer to its security tracker page at: https://security-tracker.debian.org/tracker/fish
Vulmon