7168 moderate openSUSE Leap 42.2 Update This update for git-annex fixes the following issues: - CVE-2017-12976: Disallow hostname starting with a dash, which would get passed to ssh and be treated an option. This could be used by an attacker who provides a crafted repository url to cause the victim to execute arbitrary code via -oProxyCommand. (boo#1054653). git-annex-6.20170818-2.6.1.src.rpm git-annex-6.20170818-2.6.1.x86_64.rpm git-annex-bash-completion-6.20170818-2.6.1.x86_64.rpm