ID UBUNTU_USN-4220-1.NASL Type nessus Reporter Ubuntu Security Notice (C) 2019-2022 Canonical, Inc. / NASL script (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2022-05-18T00:00:00
Description
Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-4220-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(132015);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/18");
script_cve_id("CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604");
script_xref(name:"USN", value:"4220-1");
script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Git vulnerabilities (USN-4220-1)");
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"Joern Schneeweisz and Nicolas Joly discovered that Git contained
various security flaws. An attacker could possibly use these issues to
overwrite arbitrary paths, execute arbitrary code, and overwrite files
in the .git directory.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/4220-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected git package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-19604");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:git");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/11");
script_set_attribute(attribute:"patch_publication_date", value:"2019/12/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2019-2022 Canonical, Inc. / NASL script (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(16\.04|18\.04|19\.04|19\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 19.04 / 19.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"16.04", pkgname:"git", pkgver:"1:2.7.4-0ubuntu1.7")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"git", pkgver:"1:2.17.1-1ubuntu0.5")) flag++;
if (ubuntu_check(osver:"19.04", pkgname:"git", pkgver:"1:2.20.1-2ubuntu1.19.04.1")) flag++;
if (ubuntu_check(osver:"19.10", pkgname:"git", pkgver:"1:2.20.1-2ubuntu1.19.10.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "git");
}
{"openvas": [{"lastseen": "2020-01-31T16:30:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-30T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for git (openSUSE-SU-2020:0123_1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310853019", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853019", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853019\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-30 04:01:08 +0000 (Thu, 30 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for git (openSUSE-SU-2020:0123_1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0123-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'git'\n package(s) announced via the openSUSE-SU-2020:0123-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for git fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned\n recursively, under certain circumstances Git could be fooled into using\n the same Git directory twice (bsc#1158787).\n\n - CVE-2019-19604: Fixed a recursive clone followed by a submodule update\n could execute code contained within the repository without the user\n explicitly having asked for that (bsc#1158795).\n\n - CVE-2019-1387: Fixed recursive clones that are currently affected by a\n vulnerability that is caused by too-lax validation of submodule names,\n allowing very targeted attacks via remote code execution in recursive\n clones (bsc#1158793).\n\n - CVE-2019-1354: Fixed issue on Windows that refuses to write tracked\n files with filenames that contain backslashes (bsc#1158792).\n\n - CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux\n while accessing a working directory on a regular Windows drive, none of\n the NTFS protections were active (bsc#1158791).\n\n - CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data\n Streams (bsc#1158790).\n\n - CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of\n the US-English alphabet as relative paths (bsc#1158789).\n\n - CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed\n remote code execution during a recursive clone in conjunction with SSH\n URLs (bsc#1158788).\n\n - CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed\n also via the in-stream command feature export-marks=... and it allows\n overwriting arbitrary paths (bsc#1158785).\n\n - Fixes an issue where git send-email failed to authenticate with SMTP\n server (bsc#1082023)\n\n Bug fixes:\n\n - Add zlib dependency, which used to be provided by openssl-devel, so that\n package can compile successfully after openssl upgrade to 1.1.1.\n (bsc#1149792).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-123=1\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-arch\", rpm:\"git-arch~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core\", rpm:\"git-core~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core-debuginfo\", rpm:\"git-core-debuginfo~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-gnome-keyring\", rpm:\"git-credential-gnome-keyring~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-gnome-keyring-debuginfo\", rpm:\"git-credential-gnome-keyring-debuginfo~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-libsecret\", rpm:\"git-credential-libsecret~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-libsecret-debuginfo\", rpm:\"git-credential-libsecret-debuginfo~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-cvs\", rpm:\"git-cvs~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-daemon\", rpm:\"git-daemon~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-daemon-debuginfo\", rpm:\"git-daemon-debuginfo~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-debuginfo\", rpm:\"git-debuginfo~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-debugsource\", rpm:\"git-debugsource~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-email\", rpm:\"git-email~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-gui\", rpm:\"git-gui~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-p4\", rpm:\"git-p4~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-svn\", rpm:\"git-svn~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-svn-debuginfo\", rpm:\"git-svn-debuginfo~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-web\", rpm:\"git-web~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gitk\", rpm:\"gitk~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-doc\", rpm:\"git-doc~2.16.4~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Authen-SASL\", rpm:\"perl-Authen-SASL~2.16~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Net-SMTP-SSL\", rpm:\"perl-Net-SMTP-SSL~1.04~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-14T14:48:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-08T00:00:00", "type": "openvas", "title": "Fedora Update for git FEDORA-2019-1cec196e20", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877099", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877099\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-08 11:19:31 +0000 (Wed, 08 Jan 2020)\");\n script_name(\"Fedora Update for git FEDORA-2019-1cec196e20\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1cec196e20\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'git'\n package(s) announced via the FEDORA-2019-1cec196e20 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Git is a fast, scalable, distributed revision control system with an\nunusually rich command set that provides both high-level operations\nand full access to internals.\n\nThe git rpm installs common set of tools which are usually using with\nsmall amount of dependencies. To install all git packages, including\ntools for integrating with other SCMs, install the git-all meta-package.\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.21.1~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-14T14:48:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for git FEDORA-2019-c841bcc3b9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877262", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877262", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877262\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:34:37 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for git FEDORA-2019-c841bcc3b9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-c841bcc3b9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCYSSCA5ZTEP46SB4XRPSQGFV2L3NKMZ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'git'\n package(s) announced via the FEDORA-2019-c841bcc3b9 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Git is a fast, scalable, distributed revision control system with an\nunusually rich command set that provides both high-level operations\nand full access to internals.\n\nThe git rpm installs common set of tools which are usually using with\nsmall amount of dependencies. To install all git packages, including\ntools for integrating with other SCMs, install the git-all meta-package.\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.24.1~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-26T20:45:15", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-02-25T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-02-25T00:00:00", "id": "OPENVAS:1361412562311220201151", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201151", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1151\");\n script_version(\"2020-02-25T13:57:02+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-25 13:57:02 +0000 (Tue, 25 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-25 13:57:02 +0000 (Tue, 25 Feb 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1151)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1151\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1151\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'git' package(s) announced via the EulerOS-SA-2020-1151 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\nA tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\nArbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core\", rpm:\"git-core~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core-doc\", rpm:\"git-core-doc~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Git\", rpm:\"perl-Git~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-03T17:04:45", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-01T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1361)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-04-01T00:00:00", "id": "OPENVAS:1361412562311220201361", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201361", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1361\");\n script_version(\"2020-04-01T13:54:53+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-01 13:54:53 +0000 (Wed, 01 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-01 13:54:53 +0000 (Wed, 01 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1361)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1361\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1361\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'git' package(s) announced via the EulerOS-SA-2020-1361 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\nA tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core\", rpm:\"git-core~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core-doc\", rpm:\"git-core-doc~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Git\", rpm:\"perl-Git~2.19.1~1.h5.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-26T16:52:13", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-02-24T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1101)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-02-24T00:00:00", "id": "OPENVAS:1361412562311220201101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201101", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1101\");\n script_version(\"2020-02-24T09:04:43+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-24 09:04:43 +0000 (Mon, 24 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-24 09:04:43 +0000 (Mon, 24 Feb 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1101)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1101\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1101\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'git' package(s) announced via the EulerOS-SA-2020-1101 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\nArbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\nA tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.23.0~1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core\", rpm:\"git-core~2.23.0~1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core-doc\", rpm:\"git-core-doc~2.23.0~1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Git\", rpm:\"perl-Git~2.23.0~1.h4.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-10T15:26:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for git USN-4220-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-02-10T00:00:00", "id": "OPENVAS:1361412562310844267", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844267", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844267\");\n script_version(\"2020-02-10T07:58:04+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-10 07:58:04 +0000 (Mon, 10 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 03:01:23 +0000 (Wed, 11 Dec 2019)\");\n script_name(\"Ubuntu Update for git USN-4220-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.10|UBUNTU19\\.04|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4220-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-December/005244.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'git'\n package(s) announced via the USN-4220-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Joern Schneeweisz and Nicolas Joly discovered that Git contained various\nsecurity flaws. An attacker could possibly use these issues to overwrite\narbitrary paths, execute arbitrary code, and overwrite files in the .git\ndirectory.\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"git\", ver:\"1:2.17.1-1ubuntu0.5\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"git\", ver:\"1:2.20.1-2ubuntu1.19.10.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"git\", ver:\"1:2.20.1-2ubuntu1.19.04.1\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"git\", ver:\"1:2.7.4-0ubuntu1.7\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-10T14:35:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for libgit2 FEDORA-2019-9c3d054f39", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-02-10T00:00:00", "id": "OPENVAS:1361412562310877307", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877307", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877307\");\n script_version(\"2020-02-10T07:58:04+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-10 07:58:04 +0000 (Mon, 10 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:37:17 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for libgit2 FEDORA-2019-9c3d054f39\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-9c3d054f39\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NL3V3X6CPW4BWZZELZS3XO6Z4QA2TJO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libgit2'\n package(s) announced via the FEDORA-2019-9c3d054f39 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"libgit2 is a portable, pure C implementation of the Git core methods\nprovided as a re-entrant linkable library with a solid API, allowing\nyou to write native speed custom Git applications in any language\nwith bindings.\");\n\n script_tag(name:\"affected\", value:\"'libgit2' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libgit2\", rpm:\"libgit2~0.28.4~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-06T01:07:05", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1349", "CVE-2020-5260", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562311220201537", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201537", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1537\");\n script_version(\"2020-04-30T12:12:50+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\", \"CVE-2020-5260\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 12:12:50 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 12:12:50 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1537)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1537\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1537\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'git' package(s) announced via the EulerOS-SA-2020-1537 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\nA tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\nA remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\nAn issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\nAffected versions of Git have a vulnerability whereby Git can be tricked into sending private credent ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.19.1~1.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core\", rpm:\"git-core~2.19.1~1.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core-doc\", rpm:\"git-core-doc~2.19.1~1.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Git\", rpm:\"perl-Git~2.19.1~1.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-10T15:29:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4581-1 (git - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1352"], "modified": "2020-02-10T00:00:00", "id": "OPENVAS:1361412562310704581", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704581", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704581\");\n script_version(\"2020-02-10T07:58:04+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-10 07:58:04 +0000 (Mon, 10 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 03:00:08 +0000 (Wed, 11 Dec 2019)\");\n script_name(\"Debian Security Advisory DSA 4581-1 (git - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(10|9)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4581.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4581-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'git'\n package(s) announced via the DSA-4581-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in git, a fast, scalable,\ndistributed revision control system.\n\nCVE-2019-1348\nIt was reported that the --export-marks option of git fast-import is\nexposed also via the in-stream command feature export-marks=...,\nallowing to overwrite arbitrary paths.\n\nCVE-2019-1387\nIt was discovered that submodule names are not validated strictly\nenough, allowing very targeted attacks via remote code execution\nwhen performing recursive clones.\n\nCVE-2019-19604\nJoern Schneeweisz reported a vulnerability, where a recursive clone\nfollowed by a submodule update could execute code contained within\nthe repository without the user explicitly having asked for that. It\nis now disallowed for `.gitmodules` to have entries that set\n`submodule..update=!command`.\n\nIn addition this update addresses a number of security issues which are\nonly an issue if git is operating on an NTFS filesystem (CVE-2019-1349,\nCVE-2019-1352 and CVE-2019-1353\n).\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 1:2.11.0-3+deb9u5.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:2.20.1-2+deb10u1.\n\nWe recommend that you upgrade your git packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"git\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-all\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-cvs\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-daemon-run\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-daemon-sysvinit\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-doc\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-el\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-email\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-gui\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-man\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-mediawiki\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-svn\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gitk\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gitweb\", ver:\"1:2.20.1-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-all\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-arch\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-core\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-cvs\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-daemon-run\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-daemon-sysvinit\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-doc\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-el\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-email\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-gui\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-man\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-mediawiki\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-svn\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gitk\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gitweb\", ver:\"1:2.11.0-3+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-10T14:46:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-24T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for git (DLA-2059-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1349", "CVE-2019-1353", "CVE-2019-1348", "CVE-2019-1352"], "modified": "2020-02-10T00:00:00", "id": "OPENVAS:1361412562310892059", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892059", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892059\");\n script_version(\"2020-02-10T07:58:04+0000\");\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1387\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-10 07:58:04 +0000 (Mon, 10 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-24 04:00:08 +0000 (Fri, 24 Jan 2020)\");\n script_name(\"Debian LTS: Security Advisory for git (DLA-2059-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2059-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'git'\n package(s) announced via the DLA-2059-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in git, a fast, scalable,\ndistributed revision control system.\n\nCVE-2019-1348\n\nIt was reported that the --export-marks option of git fast-import is\nexposed also via the in-stream command feature export-marks=...,\nallowing to overwrite arbitrary paths.\n\nCVE-2019-1387\n\nIt was discovered that submodule names are not validated strictly\nenough, allowing very targeted attacks via remote code execution\nwhen performing recursive clones.\n\nIn addition this update addresses a number of security issues which are\nonly an issue if git is operating on an NTFS filesystem (CVE-2019-1349,\nCVE-2019-1352 and CVE-2019-1353).\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1:2.1.4-2.1+deb8u8.\n\nWe recommend that you upgrade your git packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"git\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-all\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-arch\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-core\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-cvs\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-daemon-run\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-daemon-sysvinit\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-doc\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-el\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-email\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-gui\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-man\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-mediawiki\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"git-svn\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gitk\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gitweb\", ver:\"1:2.1.4-2.1+deb8u8\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-08T16:44:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-02T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for git (openSUSE-SU-2020:0598-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2019-1350", "CVE-2019-1351", "CVE-2018-11235", "CVE-2018-17456", "CVE-2019-1349", "CVE-2017-15298", "CVE-2020-5260", "CVE-2020-11008", "CVE-2018-11233", "CVE-2019-1353", "CVE-2019-19604", "CVE-2019-1348", "CVE-2019-1354", "CVE-2019-1352"], "modified": "2020-05-07T00:00:00", "id": "OPENVAS:1361412562310853136", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853136", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853136\");\n script_version(\"2020-05-07T07:41:43+0000\");\n script_cve_id(\"CVE-2017-15298\", \"CVE-2018-11233\", \"CVE-2018-11235\", \"CVE-2018-17456\", \"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\", \"CVE-2020-11008\", \"CVE-2020-5260\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-07 07:41:43 +0000 (Thu, 07 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-02 03:00:59 +0000 (Sat, 02 May 2020)\");\n script_name(\"openSUSE: Security Advisory for git (openSUSE-SU-2020:0598-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0598-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'git'\n package(s) announced via the openSUSE-SU-2020:0598-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for git fixes the following issues:\n\n Security issues fixed:\n\n * CVE-2020-11008: Specially crafted URLs may have tricked the credentials\n helper to providing credential information that is not appropriate for\n the protocol in use and host being contacted (bsc#1169936)\n\n git was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792)\n\n - Fix git-daemon not starting after conversion from sysvinit to systemd\n service (bsc#1169605).\n\n * CVE-2020-5260: Specially crafted URLs with newline characters could have\n been used to make the Git client to send credential information for a\n wrong host to the attacker's site bsc#1168930\n\n git 2.26.0 (bsc#1167890, jsc#SLE-11608):\n\n * 'git rebase' now uses a different backend that is based on the 'merge'\n machinery by default. The 'rebase.backend' configuration variable\n reverts to old behaviour when set to 'apply'\n\n * Improved handling of sparse checkouts\n\n * Improvements to many commands and internal features\n\n git 2.25.2:\n\n * bug fixes to various subcommands in specific operations\n\n git 2.25.1:\n\n * 'git commit' now honors advise.statusHints\n\n * various updates, bug fixes and documentation updates\n\n git 2.25.0\n\n * The branch description ('git branch --edit-description') has been used\n to fill the body of the cover letters by the format-patch command, this\n has been enhanced so that the subject can also be filled.\n\n * A few commands learned to take the pathspec from the standard input\n or a named file, instead of taking it as the command line arguments,\n with the '--pathspec-from-file' option.\n\n * Test updates to prepare for SHA-2 transition continues.\n\n * Redo 'git name-rev' to avoid recursive calls.\n\n * When all files from some subdirectory were renamed to the root\n directory, the directory rename heuristics would fail to detect that as\n a rename/merge of the subdirectory to the root directory, which has been\n corrected.\n\n * HTTP transport had possible allocator/deallocator mismatch, which has\n been corrected.\n\n git 2.24.1:\n\n * CVE-2019-1348: The --export-marks option of fast-import is exposed also\n via the in-stream command feature export-marks=... and it allows\n overwriting arbitrary paths (bsc#1158785)\n\n * CVE-2019-1349: on Windows, when submodules are cloned recursively, under\n certain circumstances Git could be fooled into using the same Git\n directory twice (bsc#1158787)\n\n * CVE-2019-1350: Incorrect quoting of command-line arguments allowed\n remote code execution during a recursive clone in conjunction with SSH\n URLs (bsc#1158788)\n\n * CVE-2019-1351: on Windows mistakes drive letters outside of the\n ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-arch\", rpm:\"git-arch~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core\", rpm:\"git-core~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-core-debuginfo\", rpm:\"git-core-debuginfo~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-gnome-keyring\", rpm:\"git-credential-gnome-keyring~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-gnome-keyring-debuginfo\", rpm:\"git-credential-gnome-keyring-debuginfo~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-libsecret\", rpm:\"git-credential-libsecret~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-credential-libsecret-debuginfo\", rpm:\"git-credential-libsecret-debuginfo~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-cvs\", rpm:\"git-cvs~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-daemon\", rpm:\"git-daemon~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-daemon-debuginfo\", rpm:\"git-daemon-debuginfo~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-debuginfo\", rpm:\"git-debuginfo~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-debugsource\", rpm:\"git-debugsource~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-email\", rpm:\"git-email~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-gui\", rpm:\"git-gui~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-p4\", rpm:\"git-p4~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-svn\", rpm:\"git-svn~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-svn-debuginfo\", rpm:\"git-svn-debuginfo~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-web\", rpm:\"git-web~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gitk\", rpm:\"gitk~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-doc\", rpm:\"git-doc~2.26.1~lp151.4.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-23T16:33:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-19T00:00:00", "type": "openvas", "title": "CentOS Update for emacs-git CESA-2020:0124 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562310883166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883166", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883166\");\n script_version(\"2020-01-23T07:59:05+0000\");\n script_cve_id(\"CVE-2019-1387\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 07:59:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-19 04:01:41 +0000 (Sun, 19 Jan 2020)\");\n script_name(\"CentOS Update for emacs-git CESA-2020:0124 centos7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2020:0124\");\n script_xref(name:\"URL\", value:\"https://lists.centos.org/pipermail/centos-announce/2020-January/035606.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'emacs-git'\n package(s) announced via the CESA-2020:0124 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Git is a distributed revision control system with a decentralized\narchitecture. As opposed to centralized version control systems with a\nclient-server model, Git ensures that each working copy of a Git repository\nis an exact copy with complete revision history. This not only allows the\nuser to work on and contribute to projects without the need to have\npermission to push the changes to their official repositories, but also\nmakes it possible for the user to work with no network connection.\n\nSecurity Fix(es):\n\n * git: Remote code execution in recursive clones with nested submodules\n(CVE-2019-1387)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"'emacs-git' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"emacs-git\", rpm:\"emacs-git~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"emacs-git-el\", rpm:\"emacs-git-el~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-all\", rpm:\"git-all~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-bzr\", rpm:\"git-bzr~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-cvs\", rpm:\"git-cvs~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-daemon\", rpm:\"git-daemon~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-email\", rpm:\"git-email~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-gnome-keyring\", rpm:\"git-gnome-keyring~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-gui\", rpm:\"git-gui~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-hg\", rpm:\"git-hg~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-instaweb\", rpm:\"git-instaweb~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gitk\", rpm:\"gitk~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-p4\", rpm:\"git-p4~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"git-svn\", rpm:\"git-svn~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gitweb\", rpm:\"gitweb~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Git\", rpm:\"perl-Git~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Git-SVN\", rpm:\"perl-Git-SVN~1.8.3.1~21.el7_7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-17T16:56:53", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1386)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201386", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201386", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1386\");\n script_version(\"2020-04-16T05:46:04+0000\");\n script_cve_id(\"CVE-2019-1387\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:46:04 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:46:04 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1386)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1386\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'git' package(s) announced via the EulerOS-SA-2020-1386 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\");\n\n script_tag(name:\"affected\", value:\"'git' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"git\", rpm:\"git~1.8.3.1~20.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Git\", rpm:\"perl-Git~1.8.3.1~20.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:41:31", "description": "An update that solves 9 vulnerabilities and has two fixes\n is now available.\n\nDescription:\n\n This update for git fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned\n recursively, under certain circumstances Git could be fooled into using\n the same Git directory twice (bsc#1158787).\n - CVE-2019-19604: Fixed a recursive clone followed by a submodule update\n could execute code contained within the repository without the user\n explicitly having asked for that (bsc#1158795).\n - CVE-2019-1387: Fixed recursive clones that are currently affected by a\n vulnerability that is caused by too-lax validation of submodule names,\n allowing very targeted attacks via remote code execution in recursive\n clones (bsc#1158793).\n - CVE-2019-1354: Fixed issue on Windows that refuses to write tracked\n files with filenames that contain backslashes (bsc#1158792).\n - CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux\n while accessing a working directory on a regular Windows drive, none of\n the NTFS protections were active (bsc#1158791).\n - CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data\n Streams (bsc#1158790).\n - CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of\n the US-English alphabet as relative paths (bsc#1158789).\n - CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed\n remote code execution during a recursive clone in conjunction with SSH\n URLs (bsc#1158788).\n - CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed\n also via the in-stream command feature export-marks=... and it allows\n overwriting arbitrary paths (bsc#1158785).\n - Fixes an issue where git send-email failed to authenticate with SMTP\n server (bsc#1082023)\n\n Bug fixes:\n\n - Add zlib dependency, which used to be provided by openssl-devel, so that\n package can compile successfully after openssl upgrade to 1.1.1.\n (bsc#1149792).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-123=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-29T00:00:00", "type": "suse", "title": "Security update for git (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2020-01-29T00:00:00", "id": "OPENSUSE-SU-2020:0123-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MGTC3VP4MCFQ5HPSFYOHMPVGOI32A7EM/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-24T18:51:03", "description": "An update that solves 15 vulnerabilities and has 8 fixes is\n now available.\n\nDescription:\n\n This update for git fixes the following issues:\n\n Security issues fixed:\n\n * CVE-2020-11008: Specially crafted URLs may have tricked the credentials\n helper to providing credential information that is not appropriate for\n the protocol in use and host being contacted (bsc#1169936)\n\n git was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792)\n\n - Fix git-daemon not starting after conversion from sysvinit to systemd\n service (bsc#1169605).\n\n * CVE-2020-5260: Specially crafted URLs with newline characters could have\n been used to make the Git client to send credential information for a\n wrong host to the attacker's site bsc#1168930\n\n git 2.26.0 (bsc#1167890, jsc#SLE-11608):\n\n * \"git rebase\" now uses a different backend that is based on the 'merge'\n machinery by default. The 'rebase.backend' configuration variable\n reverts to old behaviour when set to 'apply'\n * Improved handling of sparse checkouts\n * Improvements to many commands and internal features\n\n git 2.25.2:\n\n * bug fixes to various subcommands in specific operations\n\n git 2.25.1:\n\n * \"git commit\" now honors advise.statusHints\n * various updates, bug fixes and documentation updates\n\n git 2.25.0\n\n * The branch description (\"git branch --edit-description\") has been used\n to fill the body of the cover letters by the format-patch command; this\n has been enhanced so that the subject can also be filled.\n * A few commands learned to take the pathspec from the standard input\n or a named file, instead of taking it as the command line arguments,\n with the \"--pathspec-from-file\" option.\n * Test updates to prepare for SHA-2 transition continues.\n * Redo \"git name-rev\" to avoid recursive calls.\n * When all files from some subdirectory were renamed to the root\n directory, the directory rename heuristics would fail to detect that as\n a rename/merge of the subdirectory to the root directory, which has been\n corrected.\n * HTTP transport had possible allocator/deallocator mismatch, which has\n been corrected.\n\n git 2.24.1:\n\n * CVE-2019-1348: The --export-marks option of fast-import is exposed also\n via the in-stream command feature export-marks=... and it allows\n overwriting arbitrary paths (bsc#1158785)\n * CVE-2019-1349: on Windows, when submodules are cloned recursively, under\n certain circumstances Git could be fooled into using the same Git\n directory twice (bsc#1158787)\n * CVE-2019-1350: Incorrect quoting of command-line arguments allowed\n remote code execution during a recursive clone in conjunction with SSH\n URLs (bsc#1158788)\n * CVE-2019-1351: on Windows mistakes drive letters outside of the\n US-English alphabet as relative paths (bsc#1158789)\n * CVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams\n (bsc#1158790)\n * CVE-2019-1353: when run in the Windows Subsystem for Linux while\n accessing a working directory on a regular Windows drive, none of the\n NTFS protections were active (bsc#1158791)\n * CVE-2019-1354: on Windows refuses to write tracked files with filenames\n that contain backslashes (bsc#1158792)\n * CVE-2019-1387: Recursive clones vulnerability that is caused by too-lax\n validation of submodule names, allowing very targeted attacks via remote\n code execution in recursive clones (bsc#1158793)\n * CVE-2019-19604: a recursive clone followed by a submodule update could\n execute code contained within the repository without the user explicitly\n having asked for that (bsc#1158795)\n\n git 2.24.0\n\n * The command line parser learned \"--end-of-options\" notation.\n * A mechanism to affect the default setting for a (related) group of\n configuration variables is introduced.\n * \"git fetch\" learned \"--set-upstream\" option to help those who first\n clone from their private fork they intend to push to, add the true\n upstream via \"git remote add\" and then \"git fetch\" from it.\n * fixes and improvements to UI, workflow and features, bash completion\n fixes\n\n git 2.23.0:\n\n * The \"--base\" option of \"format-patch\" computed the patch-ids for\n prerequisite patches in an unstable way, which has been updated to\n compute in a way that is compatible with \"git patch-id\n --stable\".\n * The \"git log\" command by default behaves as if the --mailmap\n option was given.\n * fixes and improvements to UI, workflow and features\n\n git 2.22.1\n\n * A relative pathname given to \"git init --template=<path> <repo>\"\n ought to be relative to the directory \"git init\" gets invoked in, but it\n instead was made relative to the repository, which has been corrected.\n * \"git worktree add\" used to fail when another worktree connected to the\n same repository was corrupt, which has been corrected.\n * \"git am -i --resolved\" segfaulted after trying to see a commit as if it\n were a tree, which has been corrected.\n * \"git merge --squash\" is designed to update the working tree and the\n index without creating the commit, and this cannot be countermanded by\n adding the \"--commit\" option; the command now refuses to work when both\n options are given.\n * Update to Unicode 12.1 width table.\n * \"git request-pull\" learned to warn when the ref we ask them to pull from\n in the local repository and in the published repository are different.\n * \"git fetch\" into a lazy clone forgot to fetch base objects that are\n necessary to complete delta in a thin packfile, which has been corrected.\n * The URL decoding code has been updated to avoid going past the end\n of the string while parsing %-<hex>-<hex> sequence.\n * \"git clean\" silently skipped a path when it cannot lstat() it; now it\n gives a warning.\n * \"git rm\" to resolve a conflicted path leaked an internal message \"needs\n merge\" before actually removing the path, which was confusing. This has\n been corrected.\n * Many more bugfixes and code cleanups.\n\n - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced\n by firewalld.\n\n - partial fix for git instaweb giving 500 error (bsc#1112230)\n\n git 2.22.0\n\n * The filter specification \"--filter=sparse:path=<path>\" used to create a\n lazy/partial clone has been removed. Using a blob that is part of the\n project as sparse specification is still supported with the\n \"--filter=sparse:oid=<blob>\" option\n * \"git checkout --no-overlay\" can be used to trigger a new mode of\n checking out paths out of the tree-ish, that allows paths that match the\n pathspec that are in the current index and working tree and are not in\n the tree-ish.\n * Four new configuration variables {author,committer}.{name,email} have\n been introduced to override user.{name,email} in more specific cases.\n * \"git branch\" learned a new subcommand \"--show-current\".\n * The command line completion (in contrib/) has been taught to complete\n more subcommand parameters.\n * The completion helper code now pays attention to repository-local\n configuration (when available), which allows --list-cmds to honour a\n repository specific setting of completion.commands, for example.\n * The list of conflicted paths shown in the editor while concluding a\n conflicted merge was shown above the scissors line when the clean-up\n mode is set to \"scissors\", even though it was commented\n out just like the list of updated paths and other information to help\n the user explain the merge better.\n * \"git rebase\" that was reimplemented in C did not set ORIG_HEAD\n correctly, which has been corrected.\n * \"git worktree add\" used to do a \"find an available name with stat and\n then mkdir\", which is race-prone. This has been fixed by using mkdir and\n reacting to EEXIST in a loop.\n\n - Move to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy\n DocBook 4.5 format.\n\n - update git-web AppArmor profile for bash and tar usrMerge (bsc#1132350)\n\n git 2.21.0\n\n * Historically, the \"-m\" (mainline) option can only be used for \"git\n cherry-pick\" and \"git revert\" when working with a merge commit. This\n version of Git no longer warns or errors out when working with a\n single-parent commit, as long as the argument to the \"-m\" option is 1\n (i.e. it has only one parent, and the request is to pick or revert\n relative to that first parent). Scripts that relied on the behaviour may\n get broken with this change.\n * Small fixes and features for fast-export and fast-import.\n * The \"http.version\" configuration variable can be used with recent enough\n versions of cURL library to force the version of HTTP used to talk when\n fetching and pushing.\n * \"git push $there $src:$dst\" rejects when $dst is not a fully qualified\n refname and it is not clear what the end user meant.\n * Update \"git multimail\" from the upstream.\n * A new date format \"--date=human\" that morphs its output depending\n on how far the time is from the current time has been introduced.\n \"--date=auto:human\" can be used to use this new format (or any existing\n format) when the output is going to the pager or to the terminal, and\n otherwise the default format.\n\n - Fix worktree creation race (bsc#1114225).\n - add shadow build dependency to the -daemon subpackage.\n\n\n git 2.20.1:\n\n * portability fixes\n * \"git help -a\" did not work well when an overly long alias was defined\n * no longer squelched an error message when the run_command API failed to\n run a missing command\n\n git 2.20.0\n\n * \"git help -a\" now gives verbose output (same as \"git help -av\"). Those\n who want the old output may say \"git help --no-verbose -a\"..\n * \"git send-email\" learned to grab address-looking string on any trailer\n whose name ends with \"-by\".\n * \"git format-patch\" learned new \"--interdiff\" and \"--range-diff\"\n options to explain the difference between this version and the previous\n attempt in the cover letter (or after the three-dashes as a comment).\n * Developer builds now use -Wunused-function compilation option.\n * Fix a bug in which the same path could be registered under multiple\n worktree entries if the path was missing (for instance, was removed\n manually). Also, as a convenience, expand the number of cases in which\n --force is applicable.\n * The overly large Documentation/config.txt file have been split into\n million little pieces. This potentially allows each individual piece to\n be included into the manual page of the command it affects more easily.\n * Malformed or crafted data in packstream can make our code attempt to\n read or write past the allocated buffer and abort, instead of reporting\n an error, which has been fixed.\n * Fix for a long-standing bug that leaves the index file corrupt when it\n shrinks during a partial commit.\n * \"git merge\" and \"git pull\" that merges into an unborn branch used to\n completely ignore \"--verify-signatures\", which has been corrected.\n * ...and much more features and fixes\n\n git 2.19.2:\n\n * various bug fixes for multiple subcommands and operations\n\n git 2.19.1:\n\n * CVE-2018-17456: Specially crafted .gitmodules files may have allowed\n arbitrary code execution when the repository is cloned with\n --recurse-submodules (bsc#1110949)\n\n git 2.19.0:\n\n * \"git diff\" compares the index and the working tree. For paths added\n with intent-to-add bit, the command shows the full contents\n of them as added, but the paths themselves were not marked as new\n files. They are now shown as new by default.\n * \"git apply\" learned the \"--intent-to-add\" option so that an\n otherwise working-tree-only application of a patch will add new paths to\n the index marked with the \"intent-to-add\" bit.\n * \"git grep\" learned the \"--column\" option that gives not just the line\n number but the column number of the hit.\n * The \"-l\" option in \"git branch -l\" is an unfortunate short-hand for\n \"--create-reflog\", but many users, both old and new, somehow expect it\n to be something else, perhaps \"--list\". This step warns when \"-l\" is\n used as a short-hand for \"--create-reflog\" and warns about the future\n repurposing of the it when it is used.\n * The userdiff pattern for .php has been updated.\n * The content-transfer-encoding of the message \"git send-email\" sends\n out by default was 8bit, which can cause trouble when there is an\n overlong line to bust RFC 5322/2822 limit. A new option 'auto' to\n automatically switch to quoted-printable when there is such a line in\n the payload has been introduced and is made the default.\n * \"git checkout\" and \"git worktree add\" learned to honor\n checkout.defaultRemote when auto-vivifying a local branch out of a\n remote tracking branch in a repository with multiple remotes that have\n tracking branches that share the same names. (merge 8d7b558bae\n ab/checkout-default-remote later to maint).\n * \"git grep\" learned the \"--only-matching\" option.\n * \"git rebase --rebase-merges\" mode now handles octopus merges as well.\n * Add a server-side knob to skip commits in exponential/fibbonacci stride\n in an attempt to cover wider swath of history with a smaller number of\n iterations, potentially accepting a larger packfile transfer, instead of\n going back one commit a time during common ancestor discovery during the\n \"git fetch\" transaction. (merge 42cc7485a2 jt/fetch-negotiator-skipping\n later to maint).\n * A new configuration variable core.usereplacerefs has been added,\n primarily to help server installations that want to ignore the replace\n mechanism altogether.\n * Teach \"git tag -s\" etc. a few configuration variables (gpg.format that\n can be set to \"openpgp\" or \"x509\", and gpg.<format>.program that is used\n to specify what program to use to deal with the format) to allow x.509\n certs with CMS via \"gpgsm\" to be used instead of\n openpgp via \"gnupg\".\n * Many more strings are prepared for l10n.\n * \"git p4 submit\" learns to ask its own pre-submit hook if it should\n continue with submitting.\n * The test performed at the receiving end of \"git push\" to prevent bad\n objects from entering repository can be customized via receive.fsck.*\n configuration variables; we now have gained a counterpart to do the same\n on the \"git fetch\" side, with fetch.fsck.* configuration variables.\n * \"git pull --rebase=interactive\" learned \"i\" as a short-hand for\n \"interactive\".\n * \"git instaweb\" has been adjusted to run better with newer Apache on\n RedHat based distros.\n * \"git range-diff\" is a reimplementation of \"git tbdiff\" that lets us\n compare individual patches in two iterations of a topic.\n * The sideband code learned to optionally paint selected keywords at the\n beginning of incoming lines on the receiving end.\n * \"git branch --list\" learned to take the default sort order from the\n 'branch.sort' configuration variable, just like \"git tag --list\" pays\n attention to 'tag.sort'.\n * \"git worktree\" command learned \"--quiet\" option to make it less verbose.\n\n git 2.18.0:\n\n * improvements to rename detection logic\n * When built with more recent cURL, GIT_SSL_VERSION can now specify\n \"tlsv1.3\" as its value.\n * \"git mergetools\" learned talking to guiffy.\n * various other workflow improvements and fixes\n * performance improvements and other developer visible fixes\n\n git 2.17.1\n\n * Submodule \"names\" come from the untrusted .gitmodules file, but we\n blindly append them to $GIT_DIR/modules to create our on-disk repo\n paths. This means you can do bad things by putting \"../\" into the name.\n We now enforce some rules for submodule names which will cause Git to\n ignore these malicious names (CVE-2018-11235, bsc#1095219)\n * It was possible to trick the code that sanity-checks paths on NTFS into\n reading random piece of memory (CVE-2018-11233, bsc#1095218)\n * Support on the server side to reject pushes to repositories that attempt\n to create such problematic .gitmodules file etc. as tracked contents, to\n help hosting sites protect their customers by preventing malicious\n contents from spreading.\n\n git 2.17.0:\n\n * \"diff\" family of commands learned \"--find-object=<object-id>\" option to\n limit the findings to changes that involve the named object.\n * \"git format-patch\" learned to give 72-cols to diffstat, which is\n consistent with other line length limits the subcommand uses for its\n output meant for e-mails.\n * The log from \"git daemon\" can be redirected with a new option; one\n relevant use case is to send the log to standard error (instead of\n syslog) when running it from inetd.\n * \"git rebase\" learned to take \"--allow-empty-message\" option.\n * \"git am\" has learned the \"--quit\" option, in addition to the existing\n \"--abort\" option; having the pair mirrors a few other commands like\n \"rebase\" and \"cherry-pick\".\n * \"git worktree add\" learned to run the post-checkout hook, just like \"git\n clone\" runs it upon the initial checkout.\n * \"git tag\" learned an explicit \"--edit\" option that allows the message\n given via \"-m\" and \"-F\" to be further edited.\n * \"git fetch --prune-tags\" may be used as a handy short-hand for getting\n rid of stale tags that are locally held.\n * The new \"--show-current-patch\" option gives an end-user facing way to\n get the diff being applied when \"git rebase\" (and \"git am\") stops with a\n conflict.\n * \"git add -p\" used to offer \"/\" (look for a matching hunk) as a choice,\n even there was only one hunk, which has been corrected. Also the\n single-key help is now given only for keys that are enabled (e.g. help\n for '/' won't be shown when there is only one hunk).\n * Since Git 1.7.9, \"git merge\" defaulted to --no-ff (i.e. even when the\n side branch being merged is a descendant of the current commit, create a\n merge commit instead of fast-forwarding) when merging a tag object.\n This was appropriate default for integrators who pull signed tags from\n their downstream contributors, but caused an unnecessary merges when\n used by downstream contributors who habitually \"catch up\" their topic\n branches with tagged releases from the upstream. Update \"git merge\" to\n default to --no-ff only when merging a tag object that does *not* sit at\n its usual place in refs/tags/ hierarchy, and allow fast-forwarding\n otherwise, to mitigate the problem.\n * \"git status\" can spend a lot of cycles to compute the relation between\n the current branch and its upstream, which can now be disabled with\n \"--no-ahead-behind\" option.\n * \"git diff\" and friends learned funcname patterns for Go language source\n files.\n * \"git send-email\" learned \"--reply-to=<address>\" option.\n * Funcname pattern used for C# now recognizes \"async\" keyword.\n * In a way similar to how \"git tag\" learned to honor the pager setting\n only in the list mode, \"git config\" learned to ignore the pager setting\n when it is used for setting values (i.e. when the purpose of the\n operation is not to \"show\").\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-598=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-01T00:00:00", "type": "suse", "title": "Security update for git (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15298", "CVE-2018-11233", "CVE-2018-11235", "CVE-2018-17456", "CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604", "CVE-2020-11008", "CVE-2020-5260"], "modified": "2020-05-01T00:00:00", "id": "OPENSUSE-SU-2020:0598-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VP5YOKSRLMTVAPQKPHEDGCOIZL5JKJW5/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-05-19T17:16:35", "description": "Per the upstream release announcement¹, this release fixes 'various security flaws, which allowed an attacker to overwrite arbitrary paths, remotely execute code, and/or overwrite files in the .git/ directory etc. See the release notes attached for the list for their descriptions and CVE identifiers.'\n\nRefer to the 2.14.6 release notes² for details on these vulnerabilities and the 2.24.0 release notes³ for details on other improvements and fixes since 2.23.0.\n\n¹\nhttps://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com / ²\nhttps://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt ³\nhttps://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.24.0.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-18T00:00:00", "type": "nessus", "title": "Fedora 31 : git (2019-c841bcc3b9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:git", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-C841BCC3B9.NASL", "href": "https://www.tenable.com/plugins/nessus/132119", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-c841bcc3b9.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132119);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_xref(name:\"FEDORA\", value:\"2019-c841bcc3b9\");\n\n script_name(english:\"Fedora 31 : git (2019-c841bcc3b9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Per the upstream release announcement¹, this release fixes\n'various security flaws, which allowed an attacker to overwrite\narbitrary paths, remotely execute code, and/or overwrite files in the\n.git/ directory etc. See the release notes attached for the list for\ntheir descriptions and CVE identifiers.'\n\nRefer to the 2.14.6 release notes² for details on these\nvulnerabilities and the 2.24.0 release notes³ for details on\nother improvements and fixes since 2.23.0.\n\n¹\nhttps://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com\n/ ²\nhttps://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt\n³\nhttps://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.24.0.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-c841bcc3b9\"\n );\n # https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d05d9ca8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected git package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"git-2.24.1-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T17:15:43", "description": "Git mistakes some paths for relative paths allowing writing outside of the worktree while cloning (CVE-2019-1351)\n\nNTFS protections inactive when running Git in the Windows Subsystem for Linux (CVE-2019-1353)\n\nremote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nArbitrary path overwriting via export-marks command option (CVE-2019-1348)\n\nFiles inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nrecursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\nIncorrect quoting of command-line arguments allowed remote code execution during a recursive clone (CVE-2019-1350)\n\nGit does not refuse to write out tracked files with backlashes in filenames (CVE-2019-1354)\n\nRecursive clone followed by a submodule update could execute code contained within repository without the user explicitly consent Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-19T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : git (ALAS-2019-1371)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:git", "p-cpe:/a:amazon:linux:git-all", "p-cpe:/a:amazon:linux:git-core", "p-cpe:/a:amazon:linux:git-core-doc", "p-cpe:/a:amazon:linux:git-cvs", "p-cpe:/a:amazon:linux:git-daemon", "p-cpe:/a:amazon:linux:git-debuginfo", "p-cpe:/a:amazon:linux:git-email", "p-cpe:/a:amazon:linux:git-gui", "p-cpe:/a:amazon:linux:git-instaweb", "p-cpe:/a:amazon:linux:git-p4", "p-cpe:/a:amazon:linux:git-subtree", "p-cpe:/a:amazon:linux:git-svn", "p-cpe:/a:amazon:linux:gitk", "p-cpe:/a:amazon:linux:gitweb", "p-cpe:/a:amazon:linux:perl-Git", "p-cpe:/a:amazon:linux:perl-Git-SVN", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1371.NASL", "href": "https://www.tenable.com/plugins/nessus/132259", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1371.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132259);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_xref(name:\"ALAS\", value:\"2019-1371\");\n\n script_name(english:\"Amazon Linux 2 : git (ALAS-2019-1371)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Git mistakes some paths for relative paths allowing writing outside of\nthe worktree while cloning (CVE-2019-1351)\n\nNTFS protections inactive when running Git in the Windows Subsystem\nfor Linux (CVE-2019-1353)\n\nremote code execution in recursive clones with nested submodules\n(CVE-2019-1387)\n\nArbitrary path overwriting via export-marks command option\n(CVE-2019-1348)\n\nFiles inside the .git directory may be overwritten during cloning via\nNTFS Alternate Data Streams (CVE-2019-1352)\n\nrecursive submodule cloning allows using git directory twice with\nsynonymous directory name written in .git/ (CVE-2019-1349)\n\nIncorrect quoting of command-line arguments allowed remote code\nexecution during a recursive clone (CVE-2019-1350)\n\nGit does not refuse to write out tracked files with backlashes in\nfilenames (CVE-2019-1354)\n\nRecursive clone followed by a submodule update could execute code\ncontained within repository without the user explicitly consent\nArbitrary command execution is possible in Git before 2.20.2, 2.21.x\nbefore 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x\nbefore 2.24.1 because a 'git submodule update' operation can run\ncommands found in the .gitmodules file of a malicious\nrepository.(CVE-2019-19604)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1371.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update git' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-subtree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perl-Git-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"git-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-all-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-core-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-core-doc-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-cvs-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-daemon-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-debuginfo-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-email-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-gui-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-instaweb-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-p4-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-subtree-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"git-svn-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"gitk-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"gitweb-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"perl-Git-2.23.1-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"perl-Git-SVN-2.23.1-1.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git / git-all / git-core / git-core-doc / git-cvs / git-daemon / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T17:14:01", "description": "This update for git fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787).\n\nCVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795).\n\nCVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793).\n\nCVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792).\n\nCVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791).\n\nCVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790).\n\nCVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789).\n\nCVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788).\n\nCVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785).\n\nFixed an issue where git send-email fails to authenticate with SMTP server (bsc#1082023)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-17T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : git (SUSE-SU-2019:3311-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:git-core", "p-cpe:/a:novell:suse_linux:git-core-debuginfo", "p-cpe:/a:novell:suse_linux:git-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3311-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132093", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3311-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132093);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : git (SUSE-SU-2019:3311-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for git fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-1349: Fixed issue on Windows, when submodules are cloned\nrecursively, under certain circumstances Git could be fooled into\nusing the same Git directory twice (bsc#1158787).\n\nCVE-2019-19604: Fixed a recursive clone followed by a submodule update\ncould execute code contained within the repository without the user\nexplicitly having asked for that (bsc#1158795).\n\nCVE-2019-1387: Fixed recursive clones that are currently affected by a\nvulnerability that is caused by too-lax validation of submodule names,\nallowing very targeted attacks via remote code execution in recursive\nclones (bsc#1158793).\n\nCVE-2019-1354: Fixed issue on Windows that refuses to write tracked\nfiles with filenames that contain backslashes (bsc#1158792).\n\nCVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux\nwhile accessing a working directory on a regular Windows drive, none\nof the NTFS protections were active (bsc#1158791).\n\nCVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate\nData Streams (bsc#1158790).\n\nCVE-2019-1351: Fixed issue on Windows mistakes drive letters outside\nof the US-English alphabet as relative paths (bsc#1158789).\n\nCVE-2019-1350: Fixed incorrect quoting of command-line arguments\nallowed remote code execution during a recursive clone in conjunction\nwith SSH URLs (bsc#1158788).\n\nCVE-2019-1348: Fixed the --export-marks option of fast-import is\nexposed also via the in-stream command feature export-marks=... and it\nallows overwriting arbitrary paths (bsc#1158785).\n\nFixed an issue where git send-email fails to authenticate with SMTP\nserver (bsc#1082023)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158785\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158787\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1348/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1349/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1350/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1351/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1352/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1353/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1354/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1387/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19604/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193311-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?38eca510\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2019-3311=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-3311=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2019-3311=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-3311=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-3311=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-3311=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2019-3311=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-3311=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-3311=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2019-3311=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-3311=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-3311=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-3311=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2019-3311=1\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2019-3311=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"git-core-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"git-core-debuginfo-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"git-debugsource-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"git-core-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"git-core-debuginfo-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"git-debugsource-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"git-core-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"git-core-debuginfo-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"git-debugsource-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"git-core-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"git-core-debuginfo-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"git-debugsource-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"git-core-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"git-core-debuginfo-2.12.3-27.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"git-debugsource-2.12.3-27.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T15:12:00", "description": "The remote host is affected by the vulnerability described in GLSA-202003-30 (Git: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details.\n Impact :\n\n An attacker could possibly overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-16T00:00:00", "type": "nessus", "title": "GLSA-202003-30 : Git: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:git", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202003-30.NASL", "href": "https://www.tenable.com/plugins/nessus/134607", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-30.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134607);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_xref(name:\"GLSA\", value:\"202003-30\");\n\n script_name(english:\"GLSA-202003-30 : Git: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-30\n(Git: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Git. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n An attacker could possibly overwrite arbitrary paths, execute arbitrary\n code, and overwrite files in the .git directory.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-30\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Git 2.21.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-vcs/git-2.21.1'\n All Git 2.23.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-vcs/git-2.23.1-r1'\n All Git 2.24.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-vcs/git-2.24.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-vcs/git\", unaffected:make_list(\"rge 2.21.1\", \"rge 2.23.1-r1\", \"rge 2.24.1\"), vulnerable:make_list(\"lt 2.24.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T15:10:52", "description": "According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\n - Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\n - A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-24T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : git (EulerOS-SA-2020-1101)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:git", "p-cpe:/a:huawei:euleros:git-core", "p-cpe:/a:huawei:euleros:git-core-doc", "p-cpe:/a:huawei:euleros:perl-Git", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1101.NASL", "href": "https://www.tenable.com/plugins/nessus/133902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133902);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : git (EulerOS-SA-2020-1101)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the git packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1352,\n CVE-2019-1387.(CVE-2019-1354)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1352)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1349)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. Recursive clones are\n currently affected by a vulnerability that is caused by\n too-lax validation of submodule names, allowing very\n targeted attacks via remote code execution in recursive\n clones.(CVE-2019-1387)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. The --export-marks\n option of git fast-import is exposed also via the\n in-stream command feature export-marks=... and it\n allows overwriting arbitrary paths.(CVE-2019-1348)\n\n - Arbitrary command execution is possible in Git before\n 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2,\n 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because\n a 'git submodule update' operation can run commands\n found in the .gitmodules file of a malicious\n repository.(CVE-2019-19604)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1350)\n\n - A tampering vulnerability exists when Git for Visual\n Studio improperly handles virtual drive paths, aka 'Git\n for Visual Studio Tampering\n Vulnerability'.(CVE-2019-1351)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. When running Git in the\n Windows Subsystem for Linux (also known as 'WSL') while\n accessing a working directory on a regular Windows\n drive, none of the NTFS protections were\n active.(CVE-2019-1353)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1101\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ee0cf314\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"git-2.23.0-1.h4.eulerosv2r7\",\n \"git-core-2.23.0-1.h4.eulerosv2r7\",\n \"git-core-doc-2.23.0-1.h4.eulerosv2r7\",\n \"perl-Git-2.23.0-1.h4.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T15:07:25", "description": "This update for git fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787).\n\n - CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795).\n\n - CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793).\n\n - CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792).\n\n - CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791).\n\n - CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790).\n\n - CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789).\n\n - CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788).\n\n - CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785).\n\n - Fixes an issue where git send-email failed to authenticate with SMTP server (bsc#1082023)\n\nBug fixes :\n\n - Add zlib dependency, which used to be provided by openssl-devel, so that package can compile successfully after openssl upgrade to 1.1.1. (bsc#1149792).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-01-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : git (openSUSE-2020-123)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:git", "p-cpe:/a:novell:opensuse:git-arch", "p-cpe:/a:novell:opensuse:git-core", "p-cpe:/a:novell:opensuse:git-core-debuginfo", "p-cpe:/a:novell:opensuse:git-credential-gnome-keyring", "p-cpe:/a:novell:opensuse:git-credential-gnome-keyring-debuginfo", "p-cpe:/a:novell:opensuse:git-credential-libsecret", "p-cpe:/a:novell:opensuse:git-credential-libsecret-debuginfo", "p-cpe:/a:novell:opensuse:git-cvs", "p-cpe:/a:novell:opensuse:git-daemon", "p-cpe:/a:novell:opensuse:git-daemon-debuginfo", "p-cpe:/a:novell:opensuse:git-debuginfo", "p-cpe:/a:novell:opensuse:git-debugsource", "p-cpe:/a:novell:opensuse:git-email", "p-cpe:/a:novell:opensuse:git-gui", "p-cpe:/a:novell:opensuse:git-p4", "p-cpe:/a:novell:opensuse:git-svn", "p-cpe:/a:novell:opensuse:git-svn-debuginfo", "p-cpe:/a:novell:opensuse:git-web", "p-cpe:/a:novell:opensuse:gitk", "p-cpe:/a:novell:opensuse:perl-Authen-SASL", "p-cpe:/a:novell:opensuse:perl-Net-SMTP-SSL", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-123.NASL", "href": "https://www.tenable.com/plugins/nessus/133344", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-123.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133344);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n\n script_name(english:\"openSUSE Security Update : git (openSUSE-2020-123)\");\n script_summary(english:\"Check for the openSUSE-2020-123 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for git fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-1349: Fixed issue on Windows, when submodules\n are cloned recursively, under certain circumstances Git\n could be fooled into using the same Git directory twice\n (bsc#1158787).\n\n - CVE-2019-19604: Fixed a recursive clone followed by a\n submodule update could execute code contained within the\n repository without the user explicitly having asked for\n that (bsc#1158795).\n\n - CVE-2019-1387: Fixed recursive clones that are currently\n affected by a vulnerability that is caused by too-lax\n validation of submodule names, allowing very targeted\n attacks via remote code execution in recursive clones\n (bsc#1158793).\n\n - CVE-2019-1354: Fixed issue on Windows that refuses to\n write tracked files with filenames that contain\n backslashes (bsc#1158792).\n\n - CVE-2019-1353: Fixed issue when run in the Windows\n Subsystem for Linux while accessing a working directory\n on a regular Windows drive, none of the NTFS protections\n were active (bsc#1158791).\n\n - CVE-2019-1352: Fixed issue on Windows was unaware of\n NTFS Alternate Data Streams (bsc#1158790).\n\n - CVE-2019-1351: Fixed issue on Windows mistakes drive\n letters outside of the US-English alphabet as relative\n paths (bsc#1158789).\n\n - CVE-2019-1350: Fixed incorrect quoting of command-line\n arguments allowed remote code execution during a\n recursive clone in conjunction with SSH URLs\n (bsc#1158788).\n\n - CVE-2019-1348: Fixed the --export-marks option of\n fast-import is exposed also via the in-stream command\n feature export-marks=... and it allows overwriting\n arbitrary paths (bsc#1158785).\n\n - Fixes an issue where git send-email failed to\n authenticate with SMTP server (bsc#1082023)\n\nBug fixes :\n\n - Add zlib dependency, which used to be provided by\n openssl-devel, so that package can compile successfully\n after openssl upgrade to 1.1.1. (bsc#1149792).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158785\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158795\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-arch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-gnome-keyring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-libsecret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-libsecret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-Authen-SASL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-Net-SMTP-SSL\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-arch-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-core-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-core-debuginfo-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-gnome-keyring-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-gnome-keyring-debuginfo-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-libsecret-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-libsecret-debuginfo-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-cvs-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-daemon-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-daemon-debuginfo-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-debuginfo-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-debugsource-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-email-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-gui-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-p4-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-svn-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-svn-debuginfo-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-web-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gitk-2.16.4-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-Authen-SASL-2.16-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-Net-SMTP-SSL-1.04-lp151.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git / git-arch / git-core / git-core-debuginfo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T15:08:16", "description": "This update for git fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787).\n\nCVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795).\n\nCVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793).\n\nCVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792).\n\nCVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791).\n\nCVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790).\n\nCVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789).\n\nCVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788).\n\nCVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785).\n\nFixes an issue where git send-email failed to authenticate with SMTP server (bsc#1082023)\n\nBug fixes: Add zlib dependency, which used to be provided by openssl-devel, so that package can compile successfully after openssl upgrade to 1.1.1. (bsc#1149792).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2020:0045-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:git", "p-cpe:/a:novell:suse_linux:git-arch", "p-cpe:/a:novell:suse_linux:git-core", "p-cpe:/a:novell:suse_linux:git-core-debuginfo", "p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring", "p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring-debuginfo", "p-cpe:/a:novell:suse_linux:git-credential-libsecret", "p-cpe:/a:novell:suse_linux:git-credential-libsecret-debuginfo", "p-cpe:/a:novell:suse_linux:git-cvs", "p-cpe:/a:novell:suse_linux:git-daemon", "p-cpe:/a:novell:suse_linux:git-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:git-debuginfo", "p-cpe:/a:novell:suse_linux:git-debugsource", "p-cpe:/a:novell:suse_linux:git-email", "p-cpe:/a:novell:suse_linux:git-gui", "p-cpe:/a:novell:suse_linux:git-p4", "p-cpe:/a:novell:suse_linux:git-svn", "p-cpe:/a:novell:suse_linux:git-svn-debuginfo", "p-cpe:/a:novell:suse_linux:git-web", "p-cpe:/a:novell:suse_linux:gitk", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-0045-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132745", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0045-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132745);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2020:0045-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for git fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-1349: Fixed issue on Windows, when submodules are cloned\nrecursively, under certain circumstances Git could be fooled into\nusing the same Git directory twice (bsc#1158787).\n\nCVE-2019-19604: Fixed a recursive clone followed by a submodule update\ncould execute code contained within the repository without the user\nexplicitly having asked for that (bsc#1158795).\n\nCVE-2019-1387: Fixed recursive clones that are currently affected by a\nvulnerability that is caused by too-lax validation of submodule names,\nallowing very targeted attacks via remote code execution in recursive\nclones (bsc#1158793).\n\nCVE-2019-1354: Fixed issue on Windows that refuses to write tracked\nfiles with filenames that contain backslashes (bsc#1158792).\n\nCVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux\nwhile accessing a working directory on a regular Windows drive, none\nof the NTFS protections were active (bsc#1158791).\n\nCVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate\nData Streams (bsc#1158790).\n\nCVE-2019-1351: Fixed issue on Windows mistakes drive letters outside\nof the US-English alphabet as relative paths (bsc#1158789).\n\nCVE-2019-1350: Fixed incorrect quoting of command-line arguments\nallowed remote code execution during a recursive clone in conjunction\nwith SSH URLs (bsc#1158788).\n\nCVE-2019-1348: Fixed the --export-marks option of fast-import is\nexposed also via the in-stream command feature export-marks=... and it\nallows overwriting arbitrary paths (bsc#1158785).\n\nFixes an issue where git send-email failed to authenticate with SMTP\nserver (bsc#1082023)\n\nBug fixes: Add zlib dependency, which used to be provided by\nopenssl-devel, so that package can compile successfully after openssl\nupgrade to 1.1.1. (bsc#1149792).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158785\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158787\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1348/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1349/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1350/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1351/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1352/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1353/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1354/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1387/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19604/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200045-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e867966f\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-45=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2020-45=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2020-45=1\n\nSUSE Linux Enterprise Module for Development Tools 15:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-2020-45=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2020-45=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2020-45=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-arch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-libsecret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-libsecret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-arch-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-core-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-core-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-gnome-keyring-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-gnome-keyring-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-libsecret-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-libsecret-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-cvs-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-daemon-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-daemon-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-debugsource-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-email-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-gui-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-p4-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-svn-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-svn-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-web-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gitk-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-arch-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-core-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-core-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-credential-gnome-keyring-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-credential-gnome-keyring-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-credential-libsecret-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-credential-libsecret-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-cvs-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-daemon-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-daemon-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-debugsource-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-email-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-gui-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-p4-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-svn-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-svn-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"git-web-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gitk-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-arch-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-core-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-core-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-gnome-keyring-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-gnome-keyring-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-libsecret-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-libsecret-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-cvs-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-daemon-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-daemon-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-debugsource-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-email-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-gui-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-p4-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-svn-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-svn-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-web-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gitk-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-arch-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-core-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-core-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-credential-gnome-keyring-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-credential-gnome-keyring-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-credential-libsecret-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-credential-libsecret-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-cvs-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-daemon-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-daemon-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-debugsource-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-email-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-gui-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-p4-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-svn-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-svn-debuginfo-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"git-web-2.16.4-3.17.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gitk-2.16.4-3.17.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T15:09:46", "description": "According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\n - A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\n - Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : git (EulerOS-SA-2020-1151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:git", "p-cpe:/a:huawei:euleros:git-core", "p-cpe:/a:huawei:euleros:git-core-doc", "p-cpe:/a:huawei:euleros:perl-Git", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1151.NASL", "href": "https://www.tenable.com/plugins/nessus/133985", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133985);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : git (EulerOS-SA-2020-1151)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the git packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. The --export-marks\n option of git fast-import is exposed also via the\n in-stream command feature export-marks=... and it\n allows overwriting arbitrary paths.(CVE-2019-1348)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1349)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1350)\n\n - A tampering vulnerability exists when Git for Visual\n Studio improperly handles virtual drive paths, aka 'Git\n for Visual Studio Tampering\n Vulnerability'.(CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1352)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. When running Git in the\n Windows Subsystem for Linux (also known as 'WSL') while\n accessing a working directory on a regular Windows\n drive, none of the NTFS protections were\n active.(CVE-2019-1353)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1352,\n CVE-2019-1387.(CVE-2019-1354)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. Recursive clones are\n currently affected by a vulnerability that is caused by\n too-lax validation of submodule names, allowing very\n targeted attacks via remote code execution in recursive\n clones.(CVE-2019-1387)\n\n - Arbitrary command execution is possible in Git before\n 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2,\n 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because\n a 'git submodule update' operation can run commands\n found in the .gitmodules file of a malicious\n repository.(CVE-2019-19604)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1151\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6f8a663c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"git-2.19.1-1.h5.eulerosv2r8\",\n \"git-core-2.19.1-1.h5.eulerosv2r8\",\n \"git-core-doc-2.19.1-1.h5.eulerosv2r8\",\n \"perl-Git-2.19.1-1.h5.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T15:08:49", "description": "Per the upstream release announcement¹, this release fixes 'various security flaws, which allowed an attacker to overwrite arbitrary paths, remotely execute code, and/or overwrite files in the .git/ directory etc. See the release notes attached for the list for their descriptions and CVE identifiers.'\n\nRefer to the 2.14.6 release notes² for details on these vulnerabilities.\n\n¹\nhttps://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com / ²\nhttps://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-01-06T00:00:00", "type": "nessus", "title": "Fedora 30 : git (2019-1cec196e20)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:git", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-1CEC196E20.NASL", "href": "https://www.tenable.com/plugins/nessus/132639", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-1cec196e20.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132639);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_xref(name:\"FEDORA\", value:\"2019-1cec196e20\");\n\n script_name(english:\"Fedora 30 : git (2019-1cec196e20)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Per the upstream release announcement¹, this release fixes\n'various security flaws, which allowed an attacker to overwrite\narbitrary paths, remotely execute code, and/or overwrite files in the\n.git/ directory etc. See the release notes attached for the list for\ntheir descriptions and CVE identifiers.'\n\nRefer to the 2.14.6 release notes² for details on these\nvulnerabilities.\n\n¹\nhttps://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com\n/ ²\nhttps://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-1cec196e20\"\n );\n # https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d05d9ca8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected git package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"git-2.21.1-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-15T13:47:26", "description": "According to the versions of the git packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\n - A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-02T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : git (EulerOS-SA-2020-1361)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:git", "p-cpe:/a:huawei:euleros:git-core", "p-cpe:/a:huawei:euleros:git-core-doc", "p-cpe:/a:huawei:euleros:perl-Git", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1361.NASL", "href": "https://www.tenable.com/plugins/nessus/135148", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135148);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : git (EulerOS-SA-2020-1361)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the git packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - Arbitrary command execution is possible in Git before\n 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2,\n 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because\n a 'git submodule update' operation can run commands\n found in the .gitmodules file of a malicious\n repository.(CVE-2019-19604)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. Recursive clones are\n currently affected by a vulnerability that is caused by\n too-lax validation of submodule names, allowing very\n targeted attacks via remote code execution in recursive\n clones.(CVE-2019-1387)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1352,\n CVE-2019-1387.(CVE-2019-1354)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. When running Git in the\n Windows Subsystem for Linux (also known as 'WSL') while\n accessing a working directory on a regular Windows\n drive, none of the NTFS protections were\n active.(CVE-2019-1353)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1352)\n\n - A tampering vulnerability exists when Git for Visual\n Studio improperly handles virtual drive paths, aka 'Git\n for Visual Studio Tampering\n Vulnerability'.(CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1350)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1349)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. The --export-marks\n option of git fast-import is exposed also via the\n in-stream command feature export-marks=... and it\n allows overwriting arbitrary paths.(CVE-2019-1348)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1361\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9b0c1065\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"git-2.19.1-1.h5.eulerosv2r8\",\n \"git-core-2.19.1-1.h5.eulerosv2r8\",\n \"git-core-doc-2.19.1-1.h5.eulerosv2r8\",\n \"perl-Git-2.19.1-1.h5.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T17:17:28", "description": "This is a security release fixing the following issues :\n\n - CVE-2019-1348: the fast-import stream command 'feature export-marks=path' allows writing to arbitrary file paths. As libgit2 does not offer any interface for fast-import, it is not susceptible to this vulnerability.\n\n - CVE-2019-1349: by using NTFS 8.3 short names, backslashes or alternate filesystreams, it is possible to cause submodules to be written into pre-existing directories during a recursive clone using git. As libgit2 rejects cloning into non-empty directories by default, it is not susceptible to this vulnerability.\n\n - CVE-2019-1350: recursive clones may lead to arbitrary remote code executing due to improper quoting of command line arguments. As libgit2 uses libssh2, which does not require us to perform command line parsing, it is not susceptible to this vulnerability.\n\n - CVE-2019-1351: Windows provides the ability to substitute drive letters with arbitrary letters, including multi-byte Unicode letters. To fix any potential issues arising from interpreting such paths as relative paths, we have extended detection of DOS drive prefixes to accomodate for such cases.\n\n - CVE-2019-1352: by using NTFS-style alternative file streams for the '.git' directory, it is possible to overwrite parts of the repository. While this has been fixed in the past for Windows, the same vulnerability may also exist on other systems that write to NTFS filesystems. We now reject any paths starting with '.git:' on all systems.\n\n - CVE-2019-1353: by using NTFS-style 8.3 short names, it was possible to write to the '.git' directory and thus overwrite parts of the repository, leading to possible remote code execution. While this problem was already fixed in the past for Windows, other systems accessing NTFS filesystems are vulnerable to this issue too. We now enable NTFS protecions by default on all systems to fix this attack vector.\n\n - CVE-2019-1354: on Windows, backslashes are not a valid part of a filename but are instead interpreted as directory separators. As other platforms allowed to use such paths, it was possible to write such invalid entries into a Git repository and was thus an attack vector to write into the '.git' dierctory. We now reject any entries starting with '.git' on all systems.\n\n - CVE-2019-1387: it is possible to let a submodule's git directory point into a sibling's submodule directory, which may result in overwriting parts of the Git repository and thus lead to arbitrary command execution.\n As libgit2 doesn't provide any way to do submodule clones natively, it is not susceptible to this vulnerability. Users of libgit2 that have implemented recursive submodule clones manually are encouraged to review their implementation for this vulnerability.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-17T00:00:00", "type": "nessus", "title": "Fedora 31 : libgit2 (2019-9c3d054f39)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libgit2", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-9C3D054F39.NASL", "href": "https://www.tenable.com/plugins/nessus/132084", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-9c3d054f39.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132084);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\");\n script_xref(name:\"FEDORA\", value:\"2019-9c3d054f39\");\n\n script_name(english:\"Fedora 31 : libgit2 (2019-9c3d054f39)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This is a security release fixing the following issues :\n\n - CVE-2019-1348: the fast-import stream command 'feature\n export-marks=path' allows writing to arbitrary file\n paths. As libgit2 does not offer any interface for\n fast-import, it is not susceptible to this\n vulnerability.\n\n - CVE-2019-1349: by using NTFS 8.3 short names,\n backslashes or alternate filesystreams, it is possible\n to cause submodules to be written into pre-existing\n directories during a recursive clone using git. As\n libgit2 rejects cloning into non-empty directories by\n default, it is not susceptible to this vulnerability.\n\n - CVE-2019-1350: recursive clones may lead to arbitrary\n remote code executing due to improper quoting of command\n line arguments. As libgit2 uses libssh2, which does not\n require us to perform command line parsing, it is not\n susceptible to this vulnerability.\n\n - CVE-2019-1351: Windows provides the ability to\n substitute drive letters with arbitrary letters,\n including multi-byte Unicode letters. To fix any\n potential issues arising from interpreting such paths as\n relative paths, we have extended detection of DOS drive\n prefixes to accomodate for such cases.\n\n - CVE-2019-1352: by using NTFS-style alternative file\n streams for the '.git' directory, it is possible to\n overwrite parts of the repository. While this has been\n fixed in the past for Windows, the same vulnerability\n may also exist on other systems that write to NTFS\n filesystems. We now reject any paths starting with\n '.git:' on all systems.\n\n - CVE-2019-1353: by using NTFS-style 8.3 short names, it\n was possible to write to the '.git' directory and thus\n overwrite parts of the repository, leading to possible\n remote code execution. While this problem was already\n fixed in the past for Windows, other systems accessing\n NTFS filesystems are vulnerable to this issue too. We\n now enable NTFS protecions by default on all systems to\n fix this attack vector.\n\n - CVE-2019-1354: on Windows, backslashes are not a valid\n part of a filename but are instead interpreted as\n directory separators. As other platforms allowed to use\n such paths, it was possible to write such invalid\n entries into a Git repository and was thus an attack\n vector to write into the '.git' dierctory. We now reject\n any entries starting with '.git' on all systems.\n\n - CVE-2019-1387: it is possible to let a submodule's git\n directory point into a sibling's submodule directory,\n which may result in overwriting parts of the Git\n repository and thus lead to arbitrary command execution.\n As libgit2 doesn't provide any way to do submodule\n clones natively, it is not susceptible to this\n vulnerability. Users of libgit2 that have implemented\n recursive submodule clones manually are encouraged to\n review their implementation for this vulnerability.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-9c3d054f39\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libgit2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1354\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libgit2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"libgit2-0.28.4-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgit2\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-15T13:45:44", "description": "According to the versions of the git packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a 'git submodule update' operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.(CVE-2019-1354)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.(CVE-2019-1353)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1352)\n\n - A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.(CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1350)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.(CVE-2019-1349)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\n - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external 'credential helper' programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are:\n 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.(CVE-2020-5260)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : git (EulerOS-SA-2020-1537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604", "CVE-2020-5260"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:git", "p-cpe:/a:huawei:euleros:git-core", "p-cpe:/a:huawei:euleros:git-core-doc", "p-cpe:/a:huawei:euleros:perl-Git", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1537.NASL", "href": "https://www.tenable.com/plugins/nessus/136240", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136240);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\",\n \"CVE-2020-5260\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : git (EulerOS-SA-2020-1537)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the git packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - Arbitrary command execution is possible in Git before\n 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2,\n 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because\n a 'git submodule update' operation can run commands\n found in the .gitmodules file of a malicious\n repository.(CVE-2019-19604)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. Recursive clones are\n currently affected by a vulnerability that is caused by\n too-lax validation of submodule names, allowing very\n targeted attacks via remote code execution in recursive\n clones.(CVE-2019-1387)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1352,\n CVE-2019-1387.(CVE-2019-1354)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. When running Git in the\n Windows Subsystem for Linux (also known as 'WSL') while\n accessing a working directory on a regular Windows\n drive, none of the NTFS protections were\n active.(CVE-2019-1353)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1352)\n\n - A tampering vulnerability exists when Git for Visual\n Studio improperly handles virtual drive paths, aka 'Git\n for Visual Studio Tampering\n Vulnerability'.(CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1350)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input, aka 'Git\n for Visual Studio Remote Code Execution Vulnerability'.\n This CVE ID is unique from CVE-2019-1350,\n CVE-2019-1352, CVE-2019-1354,\n CVE-2019-1387.(CVE-2019-1349)\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. The --export-marks\n option of git fast-import is exposed also via the\n in-stream command feature export-marks=... and it\n allows overwriting arbitrary paths.(CVE-2019-1348)\n\n - Affected versions of Git have a vulnerability whereby\n Git can be tricked into sending private credentials to\n a host controlled by an attacker. Git uses external\n 'credential helper' programs to store and retrieve\n passwords or other credentials from secure storage\n provided by the operating system. Specially-crafted\n URLs that contain an encoded newline can inject\n unintended values into the credential helper protocol\n stream, causing the credential helper to retrieve the\n password for one server (e.g., good.example.com) for an\n HTTP request being made to another server (e.g.,\n evil.example.com), resulting in credentials for the\n former being sent to the latter. There are no\n restrictions on the relationship between the two,\n meaning that an attacker can craft a URL that will\n present stored credentials for any host to a host of\n their choosing. The vulnerability can be triggered by\n feeding a malicious URL to git clone. However, the\n affected URLs look rather suspicious the likely vector\n would be through systems which automatically clone URLs\n not visible to the user, such as Git submodules, or\n package systems built around Git. The problem has been\n patched in the versions published on April 14th, 2020,\n going back to v2.17.x. Anyone wishing to backport the\n change further can do so by applying commit 9a6bbee\n (the full release includes extra checks for git fsck,\n but that commit is sufficient to protect clients\n against the vulnerability). The patched versions are:\n 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2,\n 2.24.2, 2.25.3, 2.26.1.(CVE-2020-5260)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1537\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b998afa8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"git-2.19.1-1.h8\",\n \"git-core-2.19.1-1.h8\",\n \"git-core-doc-2.19.1-1.h8\",\n \"perl-Git-2.19.1-1.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T17:15:43", "description": "The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\nWhen submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. We now require the directory to be empty.(CVE-2019-1349)\n\nIncorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs.\n(CVE-2019-1350)\n\nWhile the only permitted drive letters for physical drives on Windows are letters of the US-English alphabet, this restriction does not apply to virtual drives . Git mistook such paths for relative paths, allowing writing outside of the worktree while cloning.\n(CVE-2019-13510)\n\nGit was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be overwritten during a clone.(CVE-2019-1352)\n\nWhen running Git in the Windows Subsystem for Linux (also known as 'WSL') while accessing a working directory on a regular Windows drive, none of the NTFS protections were active. (CVE-2019-1353)\n\nFilenames on Linux/Unix can contain backslashes. On Windows, backslashes are directory separators. Git did not use to refuse to write out tracked files with such filenames.(CVE-2019-1354)\n\nRecursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-13T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : git (ALAS-2019-1325)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-13510", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:emacs-git", "p-cpe:/a:amazon:linux:emacs-git-el", "p-cpe:/a:amazon:linux:git", "p-cpe:/a:amazon:linux:git-all", "p-cpe:/a:amazon:linux:git-bzr", "p-cpe:/a:amazon:linux:git-cvs", "p-cpe:/a:amazon:linux:git-daemon", "p-cpe:/a:amazon:linux:git-debuginfo", "p-cpe:/a:amazon:linux:git-email", "p-cpe:/a:amazon:linux:git-hg", "p-cpe:/a:amazon:linux:git-p4", "p-cpe:/a:amazon:linux:git-svn", "p-cpe:/a:amazon:linux:gitweb", "p-cpe:/a:amazon:linux:perl-Git", "p-cpe:/a:amazon:linux:perl-Git-SVN", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1325.NASL", "href": "https://www.tenable.com/plugins/nessus/132026", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1325.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132026);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\");\n script_xref(name:\"ALAS\", value:\"2019-1325\");\n\n script_name(english:\"Amazon Linux AMI : git (ALAS-2019-1325)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The --export-marks option of git fast-import is exposed also via the\nin-stream command feature export-marks=... and it allows overwriting\narbitrary paths.(CVE-2019-1348)\n\nWhen submodules are cloned recursively, under certain circumstances\nGit could be fooled into using the same Git directory twice. We now\nrequire the directory to be empty.(CVE-2019-1349)\n\nIncorrect quoting of command-line arguments allowed remote code\nexecution during a recursive clone in conjunction with SSH URLs.\n(CVE-2019-1350)\n\nWhile the only permitted drive letters for physical drives on Windows\nare letters of the US-English alphabet, this restriction does not\napply to virtual drives . Git mistook such paths for relative paths,\nallowing writing outside of the worktree while cloning.\n(CVE-2019-13510)\n\nGit was unaware of NTFS Alternate Data Streams, allowing files inside\nthe .git/ directory to be overwritten during a clone.(CVE-2019-1352)\n\nWhen running Git in the Windows Subsystem for Linux (also known as\n'WSL') while accessing a working directory on a regular Windows drive,\nnone of the NTFS protections were active. (CVE-2019-1353)\n\nFilenames on Linux/Unix can contain backslashes. On Windows,\nbackslashes are directory separators. Git did not use to refuse to\nwrite out tracked files with such filenames.(CVE-2019-1354)\n\nRecursive clones are currently affected by a vulnerability that is\ncaused by too-lax validation of submodule names, allowing very\ntargeted attacks via remote code execution in recursive\nclones.(CVE-2019-1387)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1325.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update git' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1354\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:emacs-git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:emacs-git-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-bzr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-hg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perl-Git-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"emacs-git-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"emacs-git-el-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-all-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-bzr-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-cvs-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-daemon-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-debuginfo-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-email-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-hg-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-p4-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"git-svn-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"gitweb-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perl-Git-2.14.6-1.61.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perl-Git-SVN-2.14.6-1.61.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"emacs-git / emacs-git-el / git / git-all / git-bzr / git-cvs / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T17:17:28", "description": "Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system.\n\n - CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths.\n\n - CVE-2019-1387 It was discovered that submodule names are not validated strictly enough, allowing very targeted attacks via remote code execution when performing recursive clones.\n\n - CVE-2019-19604 Joern Schneeweisz reported a vulnerability, where a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that. It is now disallowed for `.gitmodules` to have entries that set `submodule.<name>.update=!command`.\n\nIn addition this update addresses a number of security issues which are only an issue if git is operating on an NTFS filesystem (CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353 ).", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "Debian DSA-4581-1 : git - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:git", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4581.NASL", "href": "https://www.tenable.com/plugins/nessus/131966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4581. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131966);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1387\", \"CVE-2019-19604\");\n script_xref(name:\"DSA\", value:\"4581\");\n\n script_name(english:\"Debian DSA-4581-1 : git - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in git, a fast, scalable,\ndistributed revision control system.\n\n - CVE-2019-1348\n It was reported that the --export-marks option of git\n fast-import is exposed also via the in-stream command\n feature export-marks=..., allowing to overwrite\n arbitrary paths.\n\n - CVE-2019-1387\n It was discovered that submodule names are not validated\n strictly enough, allowing very targeted attacks via\n remote code execution when performing recursive clones.\n\n - CVE-2019-19604\n Joern Schneeweisz reported a vulnerability, where a\n recursive clone followed by a submodule update could\n execute code contained within the repository without the\n user explicitly having asked for that. It is now\n disallowed for `.gitmodules` to have entries that set\n `submodule.<name>.update=!command`.\n\nIn addition this update addresses a number of security issues which\nare only an issue if git is operating on an NTFS filesystem\n(CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353 ).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-1348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-1387\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-19604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-1349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-1352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-1353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/git\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/git\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/git\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4581\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the git packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 1:2.11.0-3+deb9u5.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1:2.20.1-2+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"git\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-all\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-cvs\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-daemon-run\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-daemon-sysvinit\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-doc\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-el\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-email\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-gui\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-man\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-mediawiki\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"git-svn\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"gitk\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"gitweb\", reference:\"1:2.20.1-2+deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-all\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-arch\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-core\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-cvs\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-daemon-run\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-daemon-sysvinit\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-doc\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-el\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-email\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-gui\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-man\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-mediawiki\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"git-svn\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"gitk\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"gitweb\", reference:\"1:2.11.0-3+deb9u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:06:33", "description": "Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system.\n\nCVE-2019-1348\n\nIt was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths.\n\nCVE-2019-1387\n\nIt was discovered that submodule names are not validated strictly enough, allowing very targeted attacks via remote code execution when performing recursive clones.\n\nIn addition this update addresses a number of security issues which are only an issue if git is operating on an NTFS filesystem (CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353).\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1:2.1.4-2.1+deb8u8.\n\nWe recommend that you upgrade your git packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-24T00:00:00", "type": "nessus", "title": "Debian DLA-2059-1 : git security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1387"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:git", "p-cpe:/a:debian:debian_linux:git-all", "p-cpe:/a:debian:debian_linux:git-arch", "p-cpe:/a:debian:debian_linux:git-core", "p-cpe:/a:debian:debian_linux:git-cvs", "p-cpe:/a:debian:debian_linux:git-daemon-run", "p-cpe:/a:debian:debian_linux:git-daemon-sysvinit", "p-cpe:/a:debian:debian_linux:git-doc", "p-cpe:/a:debian:debian_linux:git-el", "p-cpe:/a:debian:debian_linux:git-email", "p-cpe:/a:debian:debian_linux:git-gui", "p-cpe:/a:debian:debian_linux:git-man", "p-cpe:/a:debian:debian_linux:git-mediawiki", "p-cpe:/a:debian:debian_linux:git-svn", "p-cpe:/a:debian:debian_linux:gitk", "p-cpe:/a:debian:debian_linux:gitweb", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2059.NASL", "href": "https://www.tenable.com/plugins/nessus/133218", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2059-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133218);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1387\");\n\n script_name(english:\"Debian DLA-2059-1 : git security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in git, a fast, scalable,\ndistributed revision control system.\n\nCVE-2019-1348\n\nIt was reported that the --export-marks option of git fast-import is\nexposed also via the in-stream command feature export-marks=...,\nallowing to overwrite arbitrary paths.\n\nCVE-2019-1387\n\nIt was discovered that submodule names are not validated strictly\nenough, allowing very targeted attacks via remote code execution when\nperforming recursive clones.\n\nIn addition this update addresses a number of security issues which\nare only an issue if git is operating on an NTFS filesystem\n(CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353).\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1:2.1.4-2.1+deb8u8.\n\nWe recommend that you upgrade your git packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/git\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-arch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-daemon-run\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-daemon-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"git\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-all\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-arch\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-core\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-cvs\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-daemon-run\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-daemon-sysvinit\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-doc\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-el\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-email\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-gui\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-man\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-mediawiki\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"git-svn\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gitk\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gitweb\", reference:\"1:2.1.4-2.1+deb8u8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:11:59", "description": "The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities :\n\n - A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. (CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\n (CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387)\n\n - A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host. An attacker who successfully exploited this vulnerability could cause a connected guest's computer to open a browser and navigate to a URL without consent from the guest. (CVE-2019-1486)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Visual Studio Products (December 2019)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-1486"], "modified": "2020-03-13T00:00:00", "cpe": ["cpe:/a:microsoft:visual_studio"], "id": "SMB_NT_MS19_DEC_VISUAL_STUDIO.NASL", "href": "https://www.tenable.com/plugins/nessus/131939", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131939);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/13\");\n\n script_cve_id(\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-1486\"\n );\n\n script_name(english:\"Security Updates for Microsoft Visual Studio Products (December 2019)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Visual Studio Products are affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Visual Studio Products are missing security\nupdates. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A tampering vulnerability exists when Git for Visual\n Studio improperly handles virtual drive paths. An\n attacker who successfully exploited this vulnerability\n could write arbitrary files and directories to certain\n locations on a vulnerable system. However, an attacker\n would have limited control over the destination of the\n files and directories. (CVE-2019-1351)\n\n - A remote code execution vulnerability exists when Git\n for Visual Studio improperly sanitizes input. An\n attacker who successfully exploited this vulnerability\n could take control of an affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n Users whose accounts are configured to have fewer user\n rights on the system could be less impacted than users\n who operate with administrative user rights.\n (CVE-2019-1349, CVE-2019-1350, CVE-2019-1352,\n CVE-2019-1354, CVE-2019-1387)\n\n - A spoofing vulnerability exists in Visual Studio Live\n Share when a guest connected to a Live Share session is\n redirected to an arbitrary URL specified by the session\n host. An attacker who successfully exploited this\n vulnerability could cause a connected guest's computer\n to open a browser and navigate to a URL without consent\n from the guest. (CVE-2019-1486)\");\n # https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes#-visual-studio-2017-version-15918-\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?12d98124\");\n # https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes#--visual-studio-2019-version-1641-\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?08e082ad\");\n # https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.0#--visual-studio-2019-version-16010-\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b4bf32ac\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released Visual Studio 2017 15.9.18, Visual Studio 2019 16.0.19,\nand Visual Studio 2019 16.4.1 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1354\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visual_studio\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\", \"microsoft_visual_studio_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\", \"installed_sw/Microsoft Visual Studio\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude('audit.inc');\ninclude('misc_func.inc');\ninclude('install_func.inc');\ninclude('global_settings.inc');\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\n\nget_kb_item_or_exit('installed_sw/Microsoft Visual Studio');\n\nport = kb_smb_transport();\nappname = 'Microsoft Visual Studio';\n\ninstalls = get_installs(app_name:appname, exit_if_not_found:TRUE);\n\nreport = '';\n\nforeach install (installs[1])\n{\n version = install['version'];\n path = install['path'];\n prod = install['Product'];\n\n fix = '';\n\n # VS 2017 version 15.9\n if (prod == '2017' && version =~ '^15\\\\.[0-9]\\\\.')\n {\n fix = '15.9.28307.960';\n\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # VS 2019 Version 16.0\n else if (prod == '2019' && version =~ '^16\\\\.0\\\\.')\n {\n fix = '16.0.28803.631';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n # VS 2019 Version 16.4\n else if (prod == '2019' && version =~ '^16\\\\.[1-4]\\\\.')\n {\n fix = '16.4.29609.76';\n if (ver_compare(ver: version, fix: fix, strict:FALSE) < 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n }\n}\n\nif (empty(report))\n audit(AUDIT_INST_VER_NOT_VULN, appname);\n\nsecurity_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:03:28", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0228 advisory.\n\n - git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n - git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\n - git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\n - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-28T00:00:00", "type": "nessus", "title": "RHEL 8 : git (RHSA-2020:0228)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.0", "p-cpe:/a:redhat:enterprise_linux:git", "p-cpe:/a:redhat:enterprise_linux:git-all", "p-cpe:/a:redhat:enterprise_linux:git-core", "p-cpe:/a:redhat:enterprise_linux:git-core-doc", "p-cpe:/a:redhat:enterprise_linux:git-daemon", "p-cpe:/a:redhat:enterprise_linux:git-email", "p-cpe:/a:redhat:enterprise_linux:git-gui", "p-cpe:/a:redhat:enterprise_linux:git-instaweb", "p-cpe:/a:redhat:enterprise_linux:git-subtree", "p-cpe:/a:redhat:enterprise_linux:git-svn", "p-cpe:/a:redhat:enterprise_linux:gitk", "p-cpe:/a:redhat:enterprise_linux:gitweb", "p-cpe:/a:redhat:enterprise_linux:perl-Git", "p-cpe:/a:redhat:enterprise_linux:perl-Git-SVN"], "id": "REDHAT-RHSA-2020-0228.NASL", "href": "https://www.tenable.com/plugins/nessus/133281", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0228. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133281);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1352\",\n \"CVE-2019-1387\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0228\");\n script_xref(name:\"IAVA\", value:\"2019-A-0454-S\");\n\n script_name(english:\"RHEL 8 : git (RHSA-2020:0228)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0228 advisory.\n\n - git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n - git: Recursive submodule cloning allows using git directory twice with synonymous directory name written\n in .git/ (CVE-2019-1349)\n\n - git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams\n (CVE-2019-1352)\n\n - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/73.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1348\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1349\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0228\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1781127\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1781143\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1781953\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1781963\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1352\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 73);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-subtree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Git-SVN\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_e4s_8_0_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_0'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'git-2.18.2-1.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-all-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-core-2.18.2-1.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-core-doc-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-daemon-2.18.2-1.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-email-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-gui-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-instaweb-2.18.2-1.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-subtree-2.18.2-1.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'git-svn-2.18.2-1.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'gitk-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'gitweb-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'perl-Git-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'perl-Git-SVN-2.18.2-1.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'git / git-all / git-core / git-core-doc / git-daemon / git-email / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:10:40", "description": "From Red Hat Security Advisory 2019:4356 :\n\nAn update for git is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nThe following packages have been upgraded to a later upstream version:\ngit (2.18.2). (BZ#1784058)\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\n* git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n* git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\n* git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-12-23T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : git (ELSA-2019-4356)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2020-01-30T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:git", "p-cpe:/a:oracle:linux:git-all", "p-cpe:/a:oracle:linux:git-core", "p-cpe:/a:oracle:linux:git-core-doc", "p-cpe:/a:oracle:linux:git-daemon", "p-cpe:/a:oracle:linux:git-email", "p-cpe:/a:oracle:linux:git-gui", "p-cpe:/a:oracle:linux:git-instaweb", "p-cpe:/a:oracle:linux:git-subtree", "p-cpe:/a:oracle:linux:git-svn", "p-cpe:/a:oracle:linux:gitk", "p-cpe:/a:oracle:linux:gitweb", "p-cpe:/a:oracle:linux:perl-Git", "p-cpe:/a:oracle:linux:perl-Git-SVN", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-4356.NASL", "href": "https://www.tenable.com/plugins/nessus/132381", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:4356 and \n# Oracle Linux Security Advisory ELSA-2019-4356 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132381);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1352\", \"CVE-2019-1387\");\n script_xref(name:\"RHSA\", value:\"2019:4356\");\n\n script_name(english:\"Oracle Linux 8 : git (ELSA-2019-4356)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:4356 :\n\nAn update for git is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized\narchitecture. As opposed to centralized version control systems with a\nclient-server model, Git ensures that each working copy of a Git\nrepository is an exact copy with complete revision history. This not\nonly allows the user to work on and contribute to projects without the\nneed to have permission to push the changes to their official\nrepositories, but also makes it possible for the user to work with no\nnetwork connection.\n\nThe following packages have been upgraded to a later upstream version:\ngit (2.18.2). (BZ#1784058)\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested\nsubmodules (CVE-2019-1387)\n\n* git: Arbitrary path overwriting via export-marks in-stream command\nfeature (CVE-2019-1348)\n\n* git: Recursive submodule cloning allows using git directory twice\nwith synonymous directory name written in .git/ (CVE-2019-1349)\n\n* git: Files inside the .git directory may be overwritten during\ncloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-December/009484.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1352\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-subtree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Git-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-all-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-core-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-core-doc-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-daemon-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-email-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-gui-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-instaweb-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-subtree-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"git-svn-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"gitk-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"gitweb-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"perl-Git-2.18.2-1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"perl-Git-SVN-2.18.2-1.el8_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git / git-all / git-core / git-core-doc / git-daemon / git-email / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:13:22", "description": "An update for git is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nThe following packages have been upgraded to a later upstream version:\ngit (2.18.2). (BZ#1784058)\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\n* git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n* git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\n* git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-12-20T00:00:00", "type": "nessus", "title": "RHEL 8 : git (RHSA-2019:4356)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2020-01-30T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:git", "p-cpe:/a:redhat:enterprise_linux:git-all", "p-cpe:/a:redhat:enterprise_linux:git-core", "p-cpe:/a:redhat:enterprise_linux:git-core-debuginfo", "p-cpe:/a:redhat:enterprise_linux:git-core-doc", "p-cpe:/a:redhat:enterprise_linux:git-daemon", "p-cpe:/a:redhat:enterprise_linux:git-daemon-debuginfo", "p-cpe:/a:redhat:enterprise_linux:git-debuginfo", "p-cpe:/a:redhat:enterprise_linux:git-debugsource", "p-cpe:/a:redhat:enterprise_linux:git-email", "p-cpe:/a:redhat:enterprise_linux:git-gui", "p-cpe:/a:redhat:enterprise_linux:git-instaweb", "p-cpe:/a:redhat:enterprise_linux:git-subtree", "p-cpe:/a:redhat:enterprise_linux:git-svn", "p-cpe:/a:redhat:enterprise_linux:git-svn-debuginfo", "p-cpe:/a:redhat:enterprise_linux:gitk", "p-cpe:/a:redhat:enterprise_linux:gitweb", "p-cpe:/a:redhat:enterprise_linux:perl-Git", "p-cpe:/a:redhat:enterprise_linux:perl-Git-SVN", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.1"], "id": "REDHAT-RHSA-2019-4356.NASL", "href": "https://www.tenable.com/plugins/nessus/132331", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:4356. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132331);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1352\", \"CVE-2019-1387\");\n script_xref(name:\"RHSA\", value:\"2019:4356\");\n\n script_name(english:\"RHEL 8 : git (RHSA-2019:4356)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for git is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized\narchitecture. As opposed to centralized version control systems with a\nclient-server model, Git ensures that each working copy of a Git\nrepository is an exact copy with complete revision history. This not\nonly allows the user to work on and contribute to projects without the\nneed to have permission to push the changes to their official\nrepositories, but also makes it possible for the user to work with no\nnetwork connection.\n\nThe following packages have been upgraded to a later upstream version:\ngit (2.18.2). (BZ#1784058)\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested\nsubmodules (CVE-2019-1387)\n\n* git: Arbitrary path overwriting via export-marks in-stream command\nfeature (CVE-2019-1348)\n\n* git: Recursive submodule cloning allows using git directory twice\nwith synonymous directory name written in .git/ (CVE-2019-1349)\n\n* git: Files inside the .git directory may be overwritten during\ncloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:4356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1387\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1352\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-subtree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Git-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:4356\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"git-all-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-core-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-core-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-core-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-core-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"git-core-doc-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-daemon-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-daemon-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-daemon-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-daemon-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-debugsource-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-debugsource-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"git-email-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"git-gui-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-instaweb-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-instaweb-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-subtree-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-subtree-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-svn-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-svn-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"git-svn-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"git-svn-debuginfo-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"gitk-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"gitweb-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"perl-Git-2.18.2-1.el8_1\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"perl-Git-SVN-2.18.2-1.el8_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git / git-all / git-core / git-core-debuginfo / git-core-doc / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-29T13:14:55", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:4356 advisory.\n\n - git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n - git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\n - git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\n - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : git (CESA-2019:4356)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:git", "p-cpe:/a:centos:centos:git-all", "p-cpe:/a:centos:centos:git-core", "p-cpe:/a:centos:centos:git-core-doc", "p-cpe:/a:centos:centos:git-daemon", "p-cpe:/a:centos:centos:git-email", "p-cpe:/a:centos:centos:git-gui", "p-cpe:/a:centos:centos:git-instaweb", "p-cpe:/a:centos:centos:git-subtree", "p-cpe:/a:centos:centos:git-svn", "p-cpe:/a:centos:centos:gitk", "p-cpe:/a:centos:centos:gitweb", "p-cpe:/a:centos:centos:perl-Git", "p-cpe:/a:centos:centos:perl-Git-SVN"], "id": "CENTOS8_RHSA-2019-4356.NASL", "href": "https://www.tenable.com/plugins/nessus/145577", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:4356. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145577);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1352\",\n \"CVE-2019-1387\"\n );\n script_xref(name:\"RHSA\", value:\"2019:4356\");\n\n script_name(english:\"CentOS 8 : git (CESA-2019:4356)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:4356 advisory.\n\n - git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n - git: Recursive submodule cloning allows using git directory twice with synonymous directory name written\n in .git/ (CVE-2019-1349)\n\n - git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams\n (CVE-2019-1352)\n\n - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:4356\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1352\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-core-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-subtree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Git-SVN\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'git-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-all-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-all-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-core-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-core-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-core-doc-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-core-doc-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-daemon-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-daemon-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-email-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-email-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-gui-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-gui-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-instaweb-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-instaweb-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-subtree-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-subtree-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-svn-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'git-svn-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gitk-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gitk-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gitweb-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gitweb-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Git-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Git-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Git-SVN-2.18.2-1.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Git-SVN-2.18.2-1.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'git / git-all / git-core / git-core-doc / git-daemon / git-email / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-17T14:16:36", "description": "This update for git fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted (bsc#1169936)\n\ngit was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792)\n\n - Fix git-daemon not starting after conversion from sysvinit to systemd service (bsc#1169605).\n\n - CVE-2020-5260: Specially crafted URLs with newline characters could have been used to make the Git client to send credential information for a wrong host to the attacker's site bsc#1168930\n\ngit 2.26.0 (bsc#1167890, jsc#SLE-11608) :\n\n - 'git rebase' now uses a different backend that is based on the 'merge' machinery by default. The 'rebase.backend' configuration variable reverts to old behaviour when set to 'apply'\n\n - Improved handling of sparse checkouts\n\n - Improvements to many commands and internal features\n\ngit 2.25.2 :\n\n - bug fixes to various subcommands in specific operations\n\ngit 2.25.1 :\n\n - 'git commit' now honors advise.statusHints\n\n - various updates, bug fixes and documentation updates\n\ngit 2.25.0\n\n - The branch description ('git branch --edit-description') has been used to fill the body of the cover letters by the format-patch command; this has been enhanced so that the subject can also be filled.\n\n - A few commands learned to take the pathspec from the standard input or a named file, instead of taking it as the command line arguments, with the '--pathspec-from-file' option.\n\n - Test updates to prepare for SHA-2 transition continues.\n\n - Redo 'git name-rev' to avoid recursive calls.\n\n - When all files from some subdirectory were renamed to the root directory, the directory rename heuristics would fail to detect that as a rename/merge of the subdirectory to the root directory, which has been corrected.\n\n - HTTP transport had possible allocator/deallocator mismatch, which has been corrected.\n\ngit 2.24.1 :\n\n - CVE-2019-1348: The --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785)\n\n - CVE-2019-1349: on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787)\n\n - CVE-2019-1350: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788)\n\n - CVE-2019-1351: on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789)\n\n - CVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790)\n\n - CVE-2019-1353: when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791)\n\n - CVE-2019-1354: on Windows refuses to write tracked files with filenames that contain backslashes (bsc#1158792)\n\n - CVE-2019-1387: Recursive clones vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793)\n\n - CVE-2019-19604: a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795)\n\ngit 2.24.0\n\n - The command line parser learned '--end-of-options' notation.\n\n - A mechanism to affect the default setting for a (related) group of configuration variables is introduced.\n\n - 'git fetch' learned '--set-upstream' option to help those who first clone from their private fork they intend to push to, add the true upstream via 'git remote add' and then 'git fetch' from it.\n\n - fixes and improvements to UI, workflow and features, bash completion fixes\n\ngit 2.23.0 :\n\n - The '--base' option of 'format-patch' computed the patch-ids for prerequisite patches in an unstable way, which has been updated to compute in a way that is compatible with 'git patch-id\n\n --stable'.\n\n - The 'git log' command by default behaves as if the\n --mailmap option was given.\n\n - fixes and improvements to UI, workflow and features\n\ngit 2.22.1\n\n - A relative pathname given to 'git init --template=<path> <repo>' ought to be relative to the directory 'git init' gets invoked in, but it instead was made relative to the repository, which has been corrected.\n\n - 'git worktree add' used to fail when another worktree connected to the same repository was corrupt, which has been corrected.\n\n - 'git am -i --resolved' segfaulted after trying to see a commit as if it were a tree, which has been corrected.\n\n - 'git merge --squash' is designed to update the working tree and the index without creating the commit, and this cannot be countermanded by adding the '--commit' option;\n the command now refuses to work when both options are given.\n\n - Update to Unicode 12.1 width table.\n\n - 'git request-pull' learned to warn when the ref we ask them to pull from in the local repository and in the published repository are different.\n\n - 'git fetch' into a lazy clone forgot to fetch base objects that are necessary to complete delta in a thin packfile, which has been corrected.\n\n - The URL decoding code has been updated to avoid going past the end of the string while parsing %-<hex>-<hex> sequence.\n\n - 'git clean' silently skipped a path when it cannot lstat() it; now it gives a warning.\n\n - 'git rm' to resolve a conflicted path leaked an internal message 'needs merge' before actually removing the path, which was confusing. This has been corrected.\n\n - Many more bugfixes and code cleanups.\n\n - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld.\n\n - partial fix for git instaweb giving 500 error (bsc#1112230)\n\ngit 2.22.0 \n\n - The filter specification '--filter=sparse:path=<path>' used to create a lazy/partial clone has been removed.\n Using a blob that is part of the project as sparse specification is still supported with the '--filter=sparse:oid=<blob>' option\n\n - 'git checkout --no-overlay' can be used to trigger a new mode of checking out paths out of the tree-ish, that allows paths that match the pathspec that are in the current index and working tree and are not in the tree-ish.\n\n - Four new configuration variables (author,committer).(name,email) have been introduced to override user.(name,email) in more specific cases.\n\n - 'git branch' learned a new subcommand '--show-current'.\n\n - The command line completion (in contrib/) has been taught to complete more subcommand parameters.\n\n - The completion helper code now pays attention to repository-local configuration (when available), which allows --list-cmds to honour a repository specific setting of completion.commands, for example.\n\n - The list of conflicted paths shown in the editor while concluding a conflicted merge was shown above the scissors line when the clean-up mode is set to 'scissors', even though it was commented out just like the list of updated paths and other information to help the user explain the merge better.\n\n - 'git rebase' that was reimplemented in C did not set ORIG_HEAD correctly, which has been corrected.\n\n - 'git worktree add' used to do a 'find an available name with stat and then mkdir', which is race-prone. This has been fixed by using mkdir and reacting to EEXIST in a loop. \n\n - Move to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy DocBook 4.5 format.\n\n - update git-web AppArmor profile for bash and tar usrMerge (bsc#1132350)\n\ngit 2.21.0\n\n - Historically, the '-m' (mainline) option can only be used for 'git cherry-pick' and 'git revert' when working with a merge commit. This version of Git no longer warns or errors out when working with a single-parent commit, as long as the argument to the '-m' option is 1 (i.e. it has only one parent, and the request is to pick or revert relative to that first parent). Scripts that relied on the behaviour may get broken with this change.\n\n - Small fixes and features for fast-export and fast-import.\n\n - The 'http.version' configuration variable can be used with recent enough versions of cURL library to force the version of HTTP used to talk when fetching and pushing.\n\n - 'git push $there $src:$dst' rejects when $dst is not a fully qualified refname and it is not clear what the end user meant.\n\n - Update 'git multimail' from the upstream.\n\n - A new date format '--date=human' that morphs its output depending on how far the time is from the current time has been introduced. '--date=auto:human' can be used to use this new format (or any existing format) when the output is going to the pager or to the terminal, and otherwise the default format.\n\n - Fix worktree creation race (bsc#1114225).\n\n - add shadow build dependency to the -daemon subpackage.\n\ngit 2.20.1 :\n\n - portability fixes\n\n - 'git help -a' did not work well when an overly long alias was defined\n\n - no longer squelched an error message when the run_command API failed to run a missing command\n\ngit 2.20.0\n\n - 'git help -a' now gives verbose output (same as 'git help -av'). Those who want the old output may say 'git help --no-verbose -a'..\n\n - 'git send-email' learned to grab address-looking string on any trailer whose name ends with '-by'.\n\n - 'git format-patch' learned new '--interdiff' and '--range-diff' options to explain the difference between this version and the previous attempt in the cover letter (or after the three-dashes as a comment).\n\n - Developer builds now use -Wunused-function compilation option.\n\n - Fix a bug in which the same path could be registered under multiple worktree entries if the path was missing (for instance, was removed manually). Also, as a convenience, expand the number of cases in which --force is applicable.\n\n - The overly large Documentation/config.txt file have been split into million little pieces. This potentially allows each individual piece to be included into the manual page of the command it affects more easily.\n\n - Malformed or crafted data in packstream can make our code attempt to read or write past the allocated buffer and abort, instead of reporting an error, which has been fixed.\n\n - Fix for a long-standing bug that leaves the index file corrupt when it shrinks during a partial commit.\n\n - 'git merge' and 'git pull' that merges into an unborn branch used to completely ignore '--verify-signatures', which has been corrected.\n\n - ...and much more features and fixes\n\ngit 2.19.2 :\n\n - various bug fixes for multiple subcommands and operations\n\ngit 2.19.1 :\n\n - CVE-2018-17456: Specially crafted .gitmodules files may have allowed arbitrary code execution when the repository is cloned with --recurse-submodules (bsc#1110949)\n\ngit 2.19.0 :\n\n - 'git diff' compares the index and the working tree. For paths added with intent-to-add bit, the command shows the full contents of them as added, but the paths themselves were not marked as new files. They are now shown as new by default.\n\n - 'git apply' learned the '--intent-to-add' option so that an otherwise working-tree-only application of a patch will add new paths to the index marked with the 'intent-to-add' bit.\n\n - 'git grep' learned the '--column' option that gives not just the line number but the column number of the hit.\n\n - The '-l' option in 'git branch -l' is an unfortunate short-hand for '--create-reflog', but many users, both old and new, somehow expect it to be something else, perhaps '--list'. This step warns when '-l' is used as a short-hand for '--create-reflog' and warns about the future repurposing of the it when it is used.\n\n - The userdiff pattern for .php has been updated.\n\n - The content-transfer-encoding of the message 'git send-email' sends out by default was 8bit, which can cause trouble when there is an overlong line to bust RFC 5322/2822 limit. A new option 'auto' to automatically switch to quoted-printable when there is such a line in the payload has been introduced and is made the default.\n\n - 'git checkout' and 'git worktree add' learned to honor checkout.defaultRemote when auto-vivifying a local branch out of a remote tracking branch in a repository with multiple remotes that have tracking branches that share the same names. (merge 8d7b558bae ab/checkout-default-remote later to maint).\n\n - 'git grep' learned the '--only-matching' option.\n\n - 'git rebase --rebase-merges' mode now handles octopus merges as well.\n\n - Add a server-side knob to skip commits in exponential/fibbonacci stride in an attempt to cover wider swath of history with a smaller number of iterations, potentially accepting a larger packfile transfer, instead of going back one commit a time during common ancestor discovery during the 'git fetch' transaction. (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint).\n\n - A new configuration variable core.usereplacerefs has been added, primarily to help server installations that want to ignore the replace mechanism altogether.\n\n - Teach 'git tag -s' etc. a few configuration variables (gpg.format that can be set to 'openpgp' or 'x509', and gpg.<format>.program that is used to specify what program to use to deal with the format) to allow x.509 certs with CMS via 'gpgsm' to be used instead of openpgp via 'gnupg'.\n\n - Many more strings are prepared for l10n.\n\n - 'git p4 submit' learns to ask its own pre-submit hook if it should continue with submitting.\n\n - The test performed at the receiving end of 'git push' to prevent bad objects from entering repository can be customized via receive.fsck.* configuration variables;\n we now have gained a counterpart to do the same on the 'git fetch' side, with fetch.fsck.* configuration variables.\n\n - 'git pull --rebase=interactive' learned 'i' as a short-hand for 'interactive'.\n\n - 'git instaweb' has been adjusted to run better with newer Apache on RedHat based distros.\n\n - 'git range-diff' is a reimplementation of 'git tbdiff' that lets us compare individual patches in two iterations of a topic.\n\n - The sideband code learned to optionally paint selected keywords at the beginning of incoming lines on the receiving end.\n\n - 'git branch --list' learned to take the default sort order from the 'branch.sort' configuration variable, just like 'git tag --list' pays attention to 'tag.sort'.\n\n - 'git worktree' command learned '--quiet' option to make it less verbose.\n\ngit 2.18.0 :\n\n - improvements to rename detection logic\n\n - When built with more recent cURL, GIT_SSL_VERSION can now specify 'tlsv1.3' as its value.\n\n - 'git mergetools' learned talking to guiffy.\n\n - various other workflow improvements and fixes\n\n - performance improvements and other developer visible fixes\n\ngit 2.17.1\n\n - Submodule 'names' come from the untrusted .gitmodules file, but we blindly append them to $GIT_DIR/modules to create our on-disk repo paths. This means you can do bad things by putting '../' into the name. We now enforce some rules for submodule names which will cause Git to ignore these malicious names (CVE-2018-11235, bsc#1095219)\n\n - It was possible to trick the code that sanity-checks paths on NTFS into reading random piece of memory (CVE-2018-11233, bsc#1095218)\n\n - Support on the server side to reject pushes to repositories that attempt to create such problematic .gitmodules file etc. as tracked contents, to help hosting sites protect their customers by preventing malicious contents from spreading.\n\ngit 2.17.0 :\n\n - 'diff' family of commands learned '--find-object=<object-id>' option to limit the findings to changes that involve the named object.\n\n - 'git format-patch' learned to give 72-cols to diffstat, which is consistent with other line length limits the subcommand uses for its output meant for e-mails.\n\n - The log from 'git daemon' can be redirected with a new option; one relevant use case is to send the log to standard error (instead of syslog) when running it from inetd.\n\n - 'git rebase' learned to take '--allow-empty-message' option.\n\n - 'git am' has learned the '--quit' option, in addition to the existing '--abort' option; having the pair mirrors a few other commands like 'rebase' and 'cherry-pick'.\n\n - 'git worktree add' learned to run the post-checkout hook, just like 'git clone' runs it upon the initial checkout.\n\n - 'git tag' learned an explicit '--edit' option that allows the message given via '-m' and '-F' to be further edited.\n\n - 'git fetch --prune-tags' may be used as a handy short-hand for getting rid of stale tags that are locally held.\n\n - The new '--show-current-patch' option gives an end-user facing way to get the diff being applied when 'git rebase' (and 'git am') stops with a conflict.\n\n - 'git add -p' used to offer '/' (look for a matching hunk) as a choice, even there was only one hunk, which has been corrected. Also the single-key help is now given only for keys that are enabled (e.g. help for '/' won't be shown when there is only one hunk).\n\n - Since Git 1.7.9, 'git merge' defaulted to --no-ff (i.e.\n even when the side branch being merged is a descendant of the current commit, create a merge commit instead of fast-forwarding) when merging a tag object. This was appropriate default for integrators who pull signed tags from their downstream contributors, but caused an unnecessary merges when used by downstream contributors who habitually 'catch up' their topic branches with tagged releases from the upstream. Update 'git merge' to default to --no-ff only when merging a tag object that does *not* sit at its usual place in refs/tags/ hierarchy, and allow fast-forwarding otherwise, to mitigate the problem.\n\n - 'git status' can spend a lot of cycles to compute the relation between the current branch and its upstream, which can now be disabled with '--no-ahead-behind' option.\n\n - 'git diff' and friends learned funcname patterns for Go language source files.\n\n - 'git send-email' learned '--reply-to=<address>' option.\n\n - Funcname pattern used for C# now recognizes 'async' keyword.\n\n - In a way similar to how 'git tag' learned to honor the pager setting only in the list mode, 'git config' learned to ignore the pager setting when it is used for setting values (i.e. when the purpose of the operation is not to 'show').\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-04T00:00:00", "type": "nessus", "title": "openSUSE Security Update : git (openSUSE-2020-598)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15298", "CVE-2018-11233", "CVE-2018-11235", "CVE-2018-17456", "CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604", "CVE-2020-11008", "CVE-2020-5260"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:git", "p-cpe:/a:novell:opensuse:git-arch", "p-cpe:/a:novell:opensuse:git-core", "p-cpe:/a:novell:opensuse:git-core-debuginfo", "p-cpe:/a:novell:opensuse:git-credential-gnome-keyring", "p-cpe:/a:novell:opensuse:git-credential-gnome-keyring-debuginfo", "p-cpe:/a:novell:opensuse:git-credential-libsecret", "p-cpe:/a:novell:opensuse:git-credential-libsecret-debuginfo", "p-cpe:/a:novell:opensuse:git-cvs", "p-cpe:/a:novell:opensuse:git-daemon", "p-cpe:/a:novell:opensuse:git-daemon-debuginfo", "p-cpe:/a:novell:opensuse:git-debuginfo", "p-cpe:/a:novell:opensuse:git-debugsource", "p-cpe:/a:novell:opensuse:git-email", "p-cpe:/a:novell:opensuse:git-gui", "p-cpe:/a:novell:opensuse:git-p4", "p-cpe:/a:novell:opensuse:git-svn", "p-cpe:/a:novell:opensuse:git-svn-debuginfo", "p-cpe:/a:novell:opensuse:git-web", "p-cpe:/a:novell:opensuse:gitk", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-598.NASL", "href": "https://www.tenable.com/plugins/nessus/136311", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-598.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136311);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2017-15298\", \"CVE-2018-11233\", \"CVE-2018-11235\", \"CVE-2018-17456\", \"CVE-2019-1348\", \"CVE-2019-1349\", \"CVE-2019-1350\", \"CVE-2019-1351\", \"CVE-2019-1352\", \"CVE-2019-1353\", \"CVE-2019-1354\", \"CVE-2019-1387\", \"CVE-2019-19604\", \"CVE-2020-11008\", \"CVE-2020-5260\");\n\n script_name(english:\"openSUSE Security Update : git (openSUSE-2020-598)\");\n script_summary(english:\"Check for the openSUSE-2020-598 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for git fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2020-11008: Specially crafted URLs may have tricked\n the credentials helper to providing credential\n information that is not appropriate for the protocol in\n use and host being contacted (bsc#1169936)\n\ngit was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792)\n\n - Fix git-daemon not starting after conversion from\n sysvinit to systemd service (bsc#1169605).\n\n - CVE-2020-5260: Specially crafted URLs with newline\n characters could have been used to make the Git client\n to send credential information for a wrong host to the\n attacker's site bsc#1168930\n\ngit 2.26.0 (bsc#1167890, jsc#SLE-11608) :\n\n - 'git rebase' now uses a different backend that is based\n on the 'merge' machinery by default. The\n 'rebase.backend' configuration variable reverts to old\n behaviour when set to 'apply'\n\n - Improved handling of sparse checkouts\n\n - Improvements to many commands and internal features\n\ngit 2.25.2 :\n\n - bug fixes to various subcommands in specific operations\n\ngit 2.25.1 :\n\n - 'git commit' now honors advise.statusHints\n\n - various updates, bug fixes and documentation updates\n\ngit 2.25.0\n\n - The branch description ('git branch --edit-description')\n has been used to fill the body of the cover letters by\n the format-patch command; this has been enhanced so that\n the subject can also be filled.\n\n - A few commands learned to take the pathspec from the\n standard input or a named file, instead of taking it as\n the command line arguments, with the\n '--pathspec-from-file' option.\n\n - Test updates to prepare for SHA-2 transition continues.\n\n - Redo 'git name-rev' to avoid recursive calls.\n\n - When all files from some subdirectory were renamed to\n the root directory, the directory rename heuristics\n would fail to detect that as a rename/merge of the\n subdirectory to the root directory, which has been\n corrected.\n\n - HTTP transport had possible allocator/deallocator\n mismatch, which has been corrected.\n\ngit 2.24.1 :\n\n - CVE-2019-1348: The --export-marks option of fast-import\n is exposed also via the in-stream command feature\n export-marks=... and it allows overwriting arbitrary\n paths (bsc#1158785)\n\n - CVE-2019-1349: on Windows, when submodules are cloned\n recursively, under certain circumstances Git could be\n fooled into using the same Git directory twice\n (bsc#1158787)\n\n - CVE-2019-1350: Incorrect quoting of command-line\n arguments allowed remote code execution during a\n recursive clone in conjunction with SSH URLs\n (bsc#1158788)\n\n - CVE-2019-1351: on Windows mistakes drive letters outside\n of the US-English alphabet as relative paths\n (bsc#1158789)\n\n - CVE-2019-1352: on Windows was unaware of NTFS Alternate\n Data Streams (bsc#1158790)\n\n - CVE-2019-1353: when run in the Windows Subsystem for\n Linux while accessing a working directory on a regular\n Windows drive, none of the NTFS protections were active\n (bsc#1158791)\n\n - CVE-2019-1354: on Windows refuses to write tracked files\n with filenames that contain backslashes (bsc#1158792)\n\n - CVE-2019-1387: Recursive clones vulnerability that is\n caused by too-lax validation of submodule names,\n allowing very targeted attacks via remote code execution\n in recursive clones (bsc#1158793)\n\n - CVE-2019-19604: a recursive clone followed by a\n submodule update could execute code contained within the\n repository without the user explicitly having asked for\n that (bsc#1158795)\n\ngit 2.24.0\n\n - The command line parser learned '--end-of-options'\n notation.\n\n - A mechanism to affect the default setting for a\n (related) group of configuration variables is\n introduced.\n\n - 'git fetch' learned '--set-upstream' option to help\n those who first clone from their private fork they\n intend to push to, add the true upstream via 'git remote\n add' and then 'git fetch' from it.\n\n - fixes and improvements to UI, workflow and features,\n bash completion fixes\n\ngit 2.23.0 :\n\n - The '--base' option of 'format-patch' computed the\n patch-ids for prerequisite patches in an unstable way,\n which has been updated to compute in a way that is\n compatible with 'git patch-id\n\n --stable'.\n\n - The 'git log' command by default behaves as if the\n --mailmap option was given.\n\n - fixes and improvements to UI, workflow and features\n\ngit 2.22.1\n\n - A relative pathname given to 'git init --template=<path>\n <repo>' ought to be relative to the directory 'git init'\n gets invoked in, but it instead was made relative to the\n repository, which has been corrected.\n\n - 'git worktree add' used to fail when another worktree\n connected to the same repository was corrupt, which has\n been corrected.\n\n - 'git am -i --resolved' segfaulted after trying to see a\n commit as if it were a tree, which has been corrected.\n\n - 'git merge --squash' is designed to update the working\n tree and the index without creating the commit, and this\n cannot be countermanded by adding the '--commit' option;\n the command now refuses to work when both options are\n given.\n\n - Update to Unicode 12.1 width table.\n\n - 'git request-pull' learned to warn when the ref we ask\n them to pull from in the local repository and in the\n published repository are different.\n\n - 'git fetch' into a lazy clone forgot to fetch base\n objects that are necessary to complete delta in a thin\n packfile, which has been corrected.\n\n - The URL decoding code has been updated to avoid going\n past the end of the string while parsing %-<hex>-<hex>\n sequence.\n\n - 'git clean' silently skipped a path when it cannot\n lstat() it; now it gives a warning.\n\n - 'git rm' to resolve a conflicted path leaked an internal\n message 'needs merge' before actually removing the path,\n which was confusing. This has been corrected.\n\n - Many more bugfixes and code cleanups.\n\n - removal of SuSEfirewall2 service, since SuSEfirewall2\n has been replaced by firewalld.\n\n - partial fix for git instaweb giving 500 error\n (bsc#1112230)\n\ngit 2.22.0 \n\n - The filter specification '--filter=sparse:path=<path>'\n used to create a lazy/partial clone has been removed.\n Using a blob that is part of the project as sparse\n specification is still supported with the\n '--filter=sparse:oid=<blob>' option\n\n - 'git checkout --no-overlay' can be used to trigger a new\n mode of checking out paths out of the tree-ish, that\n allows paths that match the pathspec that are in the\n current index and working tree and are not in the\n tree-ish.\n\n - Four new configuration variables\n (author,committer).(name,email) have been introduced to\n override user.(name,email) in more specific cases.\n\n - 'git branch' learned a new subcommand '--show-current'.\n\n - The command line completion (in contrib/) has been\n taught to complete more subcommand parameters.\n\n - The completion helper code now pays attention to\n repository-local configuration (when available), which\n allows --list-cmds to honour a repository specific\n setting of completion.commands, for example.\n\n - The list of conflicted paths shown in the editor while\n concluding a conflicted merge was shown above the\n scissors line when the clean-up mode is set to\n 'scissors', even though it was commented out just like\n the list of updated paths and other information to help\n the user explain the merge better.\n\n - 'git rebase' that was reimplemented in C did not set\n ORIG_HEAD correctly, which has been corrected.\n\n - 'git worktree add' used to do a 'find an available name\n with stat and then mkdir', which is race-prone. This has\n been fixed by using mkdir and reacting to EEXIST in a\n loop. \n\n - Move to DocBook 5.x. Asciidoctor 2.x no longer supports\n the legacy DocBook 4.5 format.\n\n - update git-web AppArmor profile for bash and tar\n usrMerge (bsc#1132350)\n\ngit 2.21.0\n\n - Historically, the '-m' (mainline) option can only be\n used for 'git cherry-pick' and 'git revert' when working\n with a merge commit. This version of Git no longer warns\n or errors out when working with a single-parent commit,\n as long as the argument to the '-m' option is 1 (i.e. it\n has only one parent, and the request is to pick or\n revert relative to that first parent). Scripts that\n relied on the behaviour may get broken with this change.\n\n - Small fixes and features for fast-export and\n fast-import.\n\n - The 'http.version' configuration variable can be used\n with recent enough versions of cURL library to force the\n version of HTTP used to talk when fetching and pushing.\n\n - 'git push $there $src:$dst' rejects when $dst is not a\n fully qualified refname and it is not clear what the end\n user meant.\n\n - Update 'git multimail' from the upstream.\n\n - A new date format '--date=human' that morphs its output\n depending on how far the time is from the current time\n has been introduced. '--date=auto:human' can be used to\n use this new format (or any existing format) when the\n output is going to the pager or to the terminal, and\n otherwise the default format.\n\n - Fix worktree creation race (bsc#1114225).\n\n - add shadow build dependency to the -daemon subpackage.\n\ngit 2.20.1 :\n\n - portability fixes\n\n - 'git help -a' did not work well when an overly long\n alias was defined\n\n - no longer squelched an error message when the\n run_command API failed to run a missing command\n\ngit 2.20.0\n\n - 'git help -a' now gives verbose output (same as 'git\n help -av'). Those who want the old output may say 'git\n help --no-verbose -a'..\n\n - 'git send-email' learned to grab address-looking string\n on any trailer whose name ends with '-by'.\n\n - 'git format-patch' learned new '--interdiff' and\n '--range-diff' options to explain the difference between\n this version and the previous attempt in the cover\n letter (or after the three-dashes as a comment).\n\n - Developer builds now use -Wunused-function compilation\n option.\n\n - Fix a bug in which the same path could be registered\n under multiple worktree entries if the path was missing\n (for instance, was removed manually). Also, as a\n convenience, expand the number of cases in which --force\n is applicable.\n\n - The overly large Documentation/config.txt file have been\n split into million little pieces. This potentially\n allows each individual piece to be included into the\n manual page of the command it affects more easily.\n\n - Malformed or crafted data in packstream can make our\n code attempt to read or write past the allocated buffer\n and abort, instead of reporting an error, which has been\n fixed.\n\n - Fix for a long-standing bug that leaves the index file\n corrupt when it shrinks during a partial commit.\n\n - 'git merge' and 'git pull' that merges into an unborn\n branch used to completely ignore '--verify-signatures',\n which has been corrected.\n\n - ...and much more features and fixes\n\ngit 2.19.2 :\n\n - various bug fixes for multiple subcommands and\n operations\n\ngit 2.19.1 :\n\n - CVE-2018-17456: Specially crafted .gitmodules files may\n have allowed arbitrary code execution when the\n repository is cloned with --recurse-submodules\n (bsc#1110949)\n\ngit 2.19.0 :\n\n - 'git diff' compares the index and the working tree. For\n paths added with intent-to-add bit, the command shows\n the full contents of them as added, but the paths\n themselves were not marked as new files. They are now\n shown as new by default.\n\n - 'git apply' learned the '--intent-to-add' option so that\n an otherwise working-tree-only application of a patch\n will add new paths to the index marked with the\n 'intent-to-add' bit.\n\n - 'git grep' learned the '--column' option that gives not\n just the line number but the column number of the hit.\n\n - The '-l' option in 'git branch -l' is an unfortunate\n short-hand for '--create-reflog', but many users, both\n old and new, somehow expect it to be something else,\n perhaps '--list'. This step warns when '-l' is used as a\n short-hand for '--create-reflog' and warns about the\n future repurposing of the it when it is used.\n\n - The userdiff pattern for .php has been updated.\n\n - The content-transfer-encoding of the message 'git\n send-email' sends out by default was 8bit, which can\n cause trouble when there is an overlong line to bust RFC\n 5322/2822 limit. A new option 'auto' to automatically\n switch to quoted-printable when there is such a line in\n the payload has been introduced and is made the default.\n\n - 'git checkout' and 'git worktree add' learned to honor\n checkout.defaultRemote when auto-vivifying a local\n branch out of a remote tracking branch in a repository\n with multiple remotes that have tracking branches that\n share the same names. (merge 8d7b558bae\n ab/checkout-default-remote later to maint).\n\n - 'git grep' learned the '--only-matching' option.\n\n - 'git rebase --rebase-merges' mode now handles octopus\n merges as well.\n\n - Add a server-side knob to skip commits in\n exponential/fibbonacci stride in an attempt to cover\n wider swath of history with a smaller number of\n iterations, potentially accepting a larger packfile\n transfer, instead of going back one commit a time during\n common ancestor discovery during the 'git fetch'\n transaction. (merge 42cc7485a2\n jt/fetch-negotiator-skipping later to maint).\n\n - A new configuration variable core.usereplacerefs has\n been added, primarily to help server installations that\n want to ignore the replace mechanism altogether.\n\n - Teach 'git tag -s' etc. a few configuration variables\n (gpg.format that can be set to 'openpgp' or 'x509', and\n gpg.<format>.program that is used to specify what\n program to use to deal with the format) to allow x.509\n certs with CMS via 'gpgsm' to be used instead of openpgp\n via 'gnupg'.\n\n - Many more strings are prepared for l10n.\n\n - 'git p4 submit' learns to ask its own pre-submit hook if\n it should continue with submitting.\n\n - The test performed at the receiving end of 'git push' to\n prevent bad objects from entering repository can be\n customized via receive.fsck.* configuration variables;\n we now have gained a counterpart to do the same on the\n 'git fetch' side, with fetch.fsck.* configuration\n variables.\n\n - 'git pull --rebase=interactive' learned 'i' as a\n short-hand for 'interactive'.\n\n - 'git instaweb' has been adjusted to run better with\n newer Apache on RedHat based distros.\n\n - 'git range-diff' is a reimplementation of 'git tbdiff'\n that lets us compare individual patches in two\n iterations of a topic.\n\n - The sideband code learned to optionally paint selected\n keywords at the beginning of incoming lines on the\n receiving end.\n\n - 'git branch --list' learned to take the default sort\n order from the 'branch.sort' configuration variable,\n just like 'git tag --list' pays attention to 'tag.sort'.\n\n - 'git worktree' command learned '--quiet' option to make\n it less verbose.\n\ngit 2.18.0 :\n\n - improvements to rename detection logic\n\n - When built with more recent cURL, GIT_SSL_VERSION can\n now specify 'tlsv1.3' as its value.\n\n - 'git mergetools' learned talking to guiffy.\n\n - various other workflow improvements and fixes\n\n - performance improvements and other developer visible\n fixes\n\ngit 2.17.1\n\n - Submodule 'names' come from the untrusted .gitmodules\n file, but we blindly append them to $GIT_DIR/modules to\n create our on-disk repo paths. This means you can do bad\n things by putting '../' into the name. We now enforce\n some rules for submodule names which will cause Git to\n ignore these malicious names (CVE-2018-11235,\n bsc#1095219)\n\n - It was possible to trick the code that sanity-checks\n paths on NTFS into reading random piece of memory\n (CVE-2018-11233, bsc#1095218)\n\n - Support on the server side to reject pushes to\n repositories that attempt to create such problematic\n .gitmodules file etc. as tracked contents, to help\n hosting sites protect their customers by preventing\n malicious contents from spreading.\n\ngit 2.17.0 :\n\n - 'diff' family of commands learned\n '--find-object=<object-id>' option to limit the findings\n to changes that involve the named object.\n\n - 'git format-patch' learned to give 72-cols to diffstat,\n which is consistent with other line length limits the\n subcommand uses for its output meant for e-mails.\n\n - The log from 'git daemon' can be redirected with a new\n option; one relevant use case is to send the log to\n standard error (instead of syslog) when running it from\n inetd.\n\n - 'git rebase' learned to take '--allow-empty-message'\n option.\n\n - 'git am' has learned the '--quit' option, in addition to\n the existing '--abort' option; having the pair mirrors a\n few other commands like 'rebase' and 'cherry-pick'.\n\n - 'git worktree add' learned to run the post-checkout\n hook, just like 'git clone' runs it upon the initial\n checkout.\n\n - 'git tag' learned an explicit '--edit' option that\n allows the message given via '-m' and '-F' to be further\n edited.\n\n - 'git fetch --prune-tags' may be used as a handy\n short-hand for getting rid of stale tags that are\n locally held.\n\n - The new '--show-current-patch' option gives an end-user\n facing way to get the diff being applied when 'git\n rebase' (and 'git am') stops with a conflict.\n\n - 'git add -p' used to offer '/' (look for a matching\n hunk) as a choice, even there was only one hunk, which\n has been corrected. Also the single-key help is now\n given only for keys that are enabled (e.g. help for '/'\n won't be shown when there is only one hunk).\n\n - Since Git 1.7.9, 'git merge' defaulted to --no-ff (i.e.\n even when the side branch being merged is a descendant\n of the current commit, create a merge commit instead of\n fast-forwarding) when merging a tag object. This was\n appropriate default for integrators who pull signed tags\n from their downstream contributors, but caused an\n unnecessary merges when used by downstream contributors\n who habitually 'catch up' their topic branches with\n tagged releases from the upstream. Update 'git merge' to\n default to --no-ff only when merging a tag object that\n does *not* sit at its usual place in refs/tags/\n hierarchy, and allow fast-forwarding otherwise, to\n mitigate the problem.\n\n - 'git status' can spend a lot of cycles to compute the\n relation between the current branch and its upstream,\n which can now be disabled with '--no-ahead-behind'\n option.\n\n - 'git diff' and friends learned funcname patterns for Go\n language source files.\n\n - 'git send-email' learned '--reply-to=<address>' option.\n\n - Funcname pattern used for C# now recognizes 'async'\n keyword.\n\n - In a way similar to how 'git tag' learned to honor the\n pager setting only in the list mode, 'git config'\n learned to ignore the pager setting when it is used for\n setting values (i.e. when the purpose of the operation\n is not to 'show').\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1063412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1132350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1156651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158785\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169936\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Malicious Git HTTP Server For CVE-2018-17456');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-arch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-gnome-keyring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-libsecret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-credential-libsecret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:git-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-arch-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-core-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-core-debuginfo-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-gnome-keyring-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-gnome-keyring-debuginfo-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-libsecret-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-credential-libsecret-debuginfo-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-cvs-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-daemon-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-daemon-debuginfo-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-debuginfo-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-debugsource-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-email-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-gui-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-p4-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-svn-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-svn-debuginfo-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"git-web-2.26.1-lp151.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gitk-2.26.1-lp151.4.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git / git-arch / git-core / git-core-debuginfo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-15T13:46:17", "description": "This update for git fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted (bsc#1169936)\n\ngit was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792)\n\nFix git-daemon not starting after conversion from sysvinit to systemd service (bsc#1169605).\n\nCVE-2020-5260: Specially crafted URLs with newline characters could have been used to make the Git client to send credential information for a wrong host to the attacker's site bsc#1168930\n\ngit 2.26.0 (bsc#1167890, jsc#SLE-11608) :\n\n'git rebase' now uses a different backend that is based on the 'merge' machinery by default. The 'rebase.backend' configuration variable reverts to old behaviour when set to 'apply'\n\nImproved handling of sparse checkouts\n\nImprovements to many commands and internal features\n\ngit 2.25.2 :\n\nbug fixes to various subcommands in specific operations\n\ngit 2.25.1 :\n\n'git commit' now honors advise.statusHints\n\nvarious updates, bug fixes and documentation updates\n\ngit 2.25.0\n\nThe branch description ('git branch --edit-description') has been used to fill the body of the cover letters by the format-patch command;\nthis has been enhanced so that the subject can also be filled.\n\nA few commands learned to take the pathspec from the standard input or a named file, instead of taking it as the command line arguments, with the '--pathspec-from-file' option.\n\nTest updates to prepare for SHA-2 transition continues.\n\nRedo 'git name-rev' to avoid recursive calls.\n\nWhen all files from some subdirectory were renamed to the root directory, the directory rename heuristics would fail to detect that as a rename/merge of the subdirectory to the root directory, which has been corrected.\n\nHTTP transport had possible allocator/deallocator mismatch, which has been corrected.\n\ngit 2.24.1 :\n\nCVE-2019-1348: The --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785)\n\nCVE-2019-1349: on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787)\n\nCVE-2019-1350: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788)\n\nCVE-2019-1351: on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789)\n\nCVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790)\n\nCVE-2019-1353: when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791)\n\nCVE-2019-1354: on Windows refuses to write tracked files with filenames that contain backslashes (bsc#1158792)\n\nCVE-2019-1387: Recursive clones vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793)\n\nCVE-2019-19604: a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795)\n\ngit 2.24.0\n\nThe command line parser learned '--end-of-options' notation.\n\nA mechanism to affect the default setting for a (related) group of configuration variables is introduced.\n\n'git fetch' learned '--set-upstream' option to help those who first clone from their private fork they intend to push to, add the true upstream via 'git remote add' and then 'git fetch' from it.\n\nfixes and improvements to UI, workflow and features, bash completion fixes\n\ngit 2.23.0 :\n\nThe '--base' option of 'format-patch' computed the patch-ids for prerequisite patches in an unstable way, which has been updated to compute in a way that is compatible with 'git patch-id\n\n--stable'.\n\nThe 'git log' command by default behaves as if the --mailmap option was given.\n\nfixes and improvements to UI, workflow and features\n\ngit 2.22.1\n\nA relative pathname given to 'git init --template=<path> <repo>' ought to be relative to the directory 'git init' gets invoked in, but it instead was made relative to the repository, which has been corrected.\n</repo></path>\n\n'git worktree add' used to fail when another worktree connected to the same repository was corrupt, which has been corrected.\n\n'git am -i --resolved' segfaulted after trying to see a commit as if it were a tree, which has been corrected.\n\n'git merge --squash' is designed to update the working tree and the index without creating the commit, and this cannot be countermanded by adding the '--commit' option; the command now refuses to work when both options are given.\n\nUpdate to Unicode 12.1 width table.\n\n'git request-pull' learned to warn when the ref we ask them to pull from in the local repository and in the published repository are different.\n\n'git fetch' into a lazy clone forgot to fetch base objects that are necessary to complete delta in a thin packfile, which has been corrected.\n\nThe URL decoding code has been updated to avoid going past the end of the string while parsing %-<hex>-<hex> sequence. </hex></hex>\n\n'git clean' silently skipped a path when it cannot lstat() it; now it gives a warning.\n\n'git rm' to resolve a conflicted path leaked an internal message 'needs merge' before actually removing the path, which was confusing.\nThis has been corrected.\n\nMany more bugfixes and code cleanups.\n\nremoval of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld.\n\npartial fix for git instaweb giving 500 error (bsc#1112230)\n\ngit 2.22.0\n\nThe filter specification '--filter=sparse:path=<path>' used to create a lazy/partial clone has been removed. Using a blob that is part of the project as sparse specification is still supported with the '--filter=sparse:oid=<blob>' option </blob></path>\n\n'git checkout --no-overlay' can be used to trigger a new mode of checking out paths out of the tree-ish, that allows paths that match the pathspec that are in the current index and working tree and are not in the tree-ish.\n\nFour new configuration variables {author,committer}.{name,email} have been introduced to override user.{name,email} in more specific cases.\n\n'git branch' learned a new subcommand '--show-current'.\n\nThe command line completion (in contrib/) has been taught to complete more subcommand parameters.\n\nThe completion helper code now pays attention to repository-local configuration (when available), which allows --list-cmds to honour a repository specific setting of completion.commands, for example.\n\nThe list of conflicted paths shown in the editor while concluding a conflicted merge was shown above the scissors line when the clean-up mode is set to 'scissors', even though it was commented out just like the list of updated paths and other information to help the user explain the merge better.\n\n'git rebase' that was reimplemented in C did not set ORIG_HEAD correctly, which has been corrected.\n\n'git worktree add' used to do a 'find an available name with stat and then mkdir', which is race-prone. This has been fixed by using mkdir and reacting to EEXIST in a loop.\n\nMove to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy DocBook 4.5 format.\n\nupdate git-web AppArmor profile for bash and tar usrMerge (bsc#1132350)\n\ngit 2.21.0\n\nHistorically, the '-m' (mainline) option can only be used for 'git cherry-pick' and 'git revert' when working with a merge commit. This version of Git no longer warns or errors out when working with a single-parent commit, as long as the argument to the '-m' option is 1 (i.e. it has only one parent, and the request is to pick or revert relative to that first parent). Scripts that relied on the behaviour may get broken with this change.\n\nSmall fixes and features for fast-export and fast-import.\n\nThe 'http.version' configuration variable can be used with recent enough versions of cURL library to force the version of HTTP used to talk when fetching and pushing.\n\n'git push $there $src:$dst' rejects when $dst is not a fully qualified refname and it is not clear what the end user meant.\n\nUpdate 'git multimail' from the upstream.\n\nA new date format '--date=human' that morphs its output depending on how far the time is from the current time has been introduced.\n'--date=auto:human' can be used to use this new format (or any existing format) when the output is going to the pager or to the terminal, and otherwise the default format.\n\nFix worktree creation race (bsc#1114225).\n\nadd shadow build dependency to the -daemon subpackage.\n\ngit 2.20.1 :\n\nportability fixes\n\n'git help -a' did not work well when an overly long alias was defined\n\nno longer squelched an error message when the run_command API failed to run a missing command\n\ngit 2.20.0\n\n'git help -a' now gives verbose output (same as 'git help -av'). Those who want the old output may say 'git help --no-verbose -a'..\n\n'git send-email' learned to grab address-looking string on any trailer whose name ends with '-by'.\n\n'git format-patch' learned new '--interdiff' and '--range-diff' options to explain the difference between this version and the previous attempt in the cover letter (or after the three-dashes as a comment).\n\nDeveloper builds now use -Wunused-function compilation option.\n\nFix a bug in which the same path could be registered under multiple worktree entries if the path was missing (for instance, was removed manually). Also, as a convenience, expand the number of cases in which\n\n--force is applicable.\n\nThe overly large Documentation/config.txt file have been split into million little pieces. This potentially allows each individual piece to be included into the manual page of the command it affects more easily.\n\nMalformed or crafted data in packstream can make our code attempt to read or write past the allocated buffer and abort, instead of reporting an error, which has been fixed.\n\nFix for a long-standing bug that leaves the index file corrupt when it shrinks during a partial commit.\n\n'git merge' and 'git pull' that merges into an unborn branch used to completely ignore '--verify-signatures', which has been corrected.\n\n...and much more features and fixes\n\ngit 2.19.2 :\n\nvarious bug fixes for multiple subcommands and operations\n\ngit 2.19.1 :\n\nCVE-2018-17456: Specially crafted .gitmodules files may have allowed arbitrary code execution when the repository is cloned with\n\n--recurse-submodules (bsc#1110949)\n\ngit 2.19.0 :\n\n'git diff' compares the index and the working tree. For paths added with intent-to-add bit, the command shows the full contents of them as added, but the paths themselves were not marked as new files. They are now shown as new by default.\n\n'git apply' learned the '--intent-to-add' option so that an otherwise working-tree-only application of a patch will add new paths to the index marked with the 'intent-to-add' bit.\n\n'git grep' learned the '--column' option that gives not just the line number but the column number of the hit.\n\nThe '-l' option in 'git branch -l' is an unfortunate short-hand for '--create-reflog', but many users, both old and new, somehow expect it to be something else, perhaps '--list'. This step warns when '-l' is used as a short-hand for '--create-reflog' and warns about the future repurposing of the it when it is used.\n\nThe userdiff pattern for .php has been updated.\n\nThe content-transfer-encoding of the message 'git send-email' sends out by default was 8bit, which can cause trouble when there is an overlong line to bust RFC 5322/2822 limit. A new option 'auto' to automatically switch to quoted-printable when there is such a line in the payload has been introduced and is made the default.\n\n'git checkout' and 'git worktree add' learned to honor checkout.defaultRemote when auto-vivifying a local branch out of a remote tracking branch in a repository with multiple remotes that have tracking branches that share the same names. (merge 8d7b558bae ab/checkout-default-remote later to maint).\n\n'git grep' learned the '--only-matching' option.\n\n'git rebase --rebase-merges' mode now handles octopus merges as well.\n\nAdd a server-side knob to skip commits in exponential/fibbonacci stride in an attempt to cover wider swath of history with a smaller number of iterations, potentially accepting a larger packfile transfer, instead of going back one commit a time during common ancestor discovery during the 'git fetch' transaction. (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint).\n\nA new configuration variable core.usereplacerefs has been added, primarily to help server installations that want to ignore the replace mechanism altogether.\n\nTeach 'git tag -s' etc. a few configuration variables (gpg.format that can be set to 'openpgp' or 'x509', and gpg.<format>.program that is used to specify what program to use to deal with the format) to allow x.509 certs with CMS via 'gpgsm' to be used instead of openpgp via 'gnupg'. </format>\n\nMany more strings are prepared for l10n.\n\n'git p4 submit' learns to ask its own pre-submit hook if it should continue with submitting.\n\nThe test performed at the receiving end of 'git push' to prevent bad objects from entering repository can be customized via receive.fsck.* configuration variables; we now have gained a counterpart to do the same on the 'git fetch' side, with fetch.fsck.* configuration variables.\n\n'git pull --rebase=interactive' learned 'i' as a short-hand for 'interactive'.\n\n'git instaweb' has been adjusted to run better with newer Apache on RedHat based distros.\n\n'git range-diff' is a reimplementation of 'git tbdiff' that lets us compare individual patches in two iterations of a topic.\n\nThe sideband code learned to optionally paint selected keywords at the beginning of incoming lines on the receiving end.\n\n'git branch --list' learned to take the default sort order from the 'branch.sort' configuration variable, just like 'git tag --list' pays attention to 'tag.sort'.\n\n'git worktree' command learned '--quiet' option to make it less verbose.\n\ngit 2.18.0 :\n\nimprovements to rename detection logic\n\nWhen built with more recent cURL, GIT_SSL_VERSION can now specify 'tlsv1.3' as its value.\n\n'git mergetools' learned talking to guiffy.\n\nvarious other workflow improvements and fixes\n\nperformance improvements and other developer visible fixes\n\ngit 2.17.1\n\nSubmodule 'names' come from the untrusted .gitmodules file, but we blindly append them to $GIT_DIR/modules to create our on-disk repo paths. This means you can do bad things by putting '../' into the name. We now enforce some rules for submodule names which will cause Git to ignore these malicious names (CVE-2018-11235, bsc#1095219)\n\nIt was possible to trick the code that sanity-checks paths on NTFS into reading random piece of memory (CVE-2018-11233, bsc#1095218)\n\nSupport on the server side to reject pushes to repositories that attempt to create such problematic .gitmodules file etc. as tracked contents, to help hosting sites protect their customers by preventing malicious contents from spreading.\n\ngit 2.17.0 :\n\n'diff' family of commands learned '--find-object=<object-id>' option to limit the findings to changes that involve the named object.\n</object-id>\n\n'git format-patch' learned to give 72-cols to diffstat, which is consistent with other line length limits the subcommand uses for its output meant for e-mails.\n\nThe log from 'git daemon' can be redirected with a new option; one relevant use case is to send the log to standard error (instead of syslog) when running it from inetd.\n\n'git rebase' learned to take '--allow-empty-message' option.\n\n'git am' has learned the '--quit' option, in addition to the existing '--abort' option; having the pair mirrors a few other commands like 'rebase' and 'cherry-pick'.\n\n'git worktree add' learned to run the post-checkout hook, just like 'git clone' runs it upon the initial checkout.\n\n'git tag' learned an explicit '--edit' option that allows the message given via '-m' and '-F' to be further edited.\n\n'git fetch --prune-tags' may be used as a handy short-hand for getting rid of stale tags that are locally held.\n\nThe new '--show-current-patch' option gives an end-user facing way to get the diff being applied when 'git rebase' (and 'git am') stops with a conflict.\n\n'git add -p' used to offer '/' (look for a matching hunk) as a choice, even there was only one hunk, which has been corrected. Also the single-key help is now given only for keys that are enabled (e.g. help for '/' won't be shown when there is only one hunk).\n\nSince Git 1.7.9, 'git merge' defaulted to --no-ff (i.e. even when the side branch being merged is a descendant of the current commit, create a merge commit instead of fast-forwarding) when merging a tag object.\nThis was appropriate default for integrators who pull signed tags from their downstream contributors, but caused an unnecessary merges when used by downstream contributors who habitually 'catch up' their topic branches with tagged releases from the upstream. Update 'git merge' to default to --no-ff only when merging a tag object that does *not* sit at its usual place in refs/tags/ hierarchy, and allow fast-forwarding otherwise, to mitigate the problem.\n\n'git status' can spend a lot of cycles to compute the relation between the current branch and its upstream, which can now be disabled with '--no-ahead-behind' option.\n\n'git diff' and friends learned funcname patterns for Go language source files.\n\n'git send-email' learned '--reply-to=<address>' option. </address>\n\nFuncname pattern used for C# now recognizes 'async' keyword.\n\nIn a way similar to how 'git tag' learned to honor the pager setting only in the list mode, 'git config' learned to ignore the pager setting when it is used for setting values (i.e. when the purpose of the operation is not to 'show').\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2020:1121-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15298", "CVE-2018-11233", "CVE-2018-11235", "CVE-2018-17456", "CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604", "CVE-2020-11008", "CVE-2020-5260"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:git", "p-cpe:/a:novell:suse_linux:git-arch", "p-cpe:/a:novell:suse_linux:git-core", "p-cpe:/a:novell:suse_linux:git-core-debuginfo", "p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring", "p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring-debuginfo", "p-cpe:/a:novell:suse_linux:git-credential-libsecret", "p-cpe:/a:novell:suse_linux:git-credential-libsecret-debuginfo", "p-cpe:/a:novell:suse_linux:git-cvs", "p-cpe:/a:novell:suse_linux:git-daemon", "p-cpe:/a:novell:suse_linux:git-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:git-debuginfo", "p-cpe:/a:novell:suse_linux:git-debugsource", "p-cpe:/a:novell:suse_linux:git-email", "p-cpe:/a:novell:suse_linux:git-gui", "p-cpe:/a:novell:suse_linux:git-p4", "p-cpe:/a:novell:suse_linux:git-svn", "p-cpe:/a:novell:suse_linux:git-svn-debuginfo", "p-cpe:/a:novell:suse_linux:git-web", "p-cpe:/a:novell:suse_linux:gitk", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1121-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136074", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1121-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136074);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2017-15298\",\n \"CVE-2018-11233\",\n \"CVE-2018-11235\",\n \"CVE-2018-17456\",\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\",\n \"CVE-2020-5260\",\n \"CVE-2020-11008\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2020:1121-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for git fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-11008: Specially crafted URLs may have tricked the\ncredentials helper to providing credential information that is not\nappropriate for the protocol in use and host being contacted\n(bsc#1169936)\n\ngit was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792)\n\nFix git-daemon not starting after conversion from sysvinit to systemd\nservice (bsc#1169605).\n\nCVE-2020-5260: Specially crafted URLs with newline characters could\nhave been used to make the Git client to send credential information\nfor a wrong host to the attacker's site bsc#1168930\n\ngit 2.26.0 (bsc#1167890, jsc#SLE-11608) :\n\n'git rebase' now uses a different backend that is based on the 'merge'\nmachinery by default. The 'rebase.backend' configuration variable\nreverts to old behaviour when set to 'apply'\n\nImproved handling of sparse checkouts\n\nImprovements to many commands and internal features\n\ngit 2.25.2 :\n\nbug fixes to various subcommands in specific operations\n\ngit 2.25.1 :\n\n'git commit' now honors advise.statusHints\n\nvarious updates, bug fixes and documentation updates\n\ngit 2.25.0\n\nThe branch description ('git branch --edit-description') has been used\nto fill the body of the cover letters by the format-patch command;\nthis has been enhanced so that the subject can also be filled.\n\nA few commands learned to take the pathspec from the standard input or\na named file, instead of taking it as the command line arguments, with\nthe '--pathspec-from-file' option.\n\nTest updates to prepare for SHA-2 transition continues.\n\nRedo 'git name-rev' to avoid recursive calls.\n\nWhen all files from some subdirectory were renamed to the root\ndirectory, the directory rename heuristics would fail to detect that\nas a rename/merge of the subdirectory to the root directory, which has\nbeen corrected.\n\nHTTP transport had possible allocator/deallocator mismatch, which has\nbeen corrected.\n\ngit 2.24.1 :\n\nCVE-2019-1348: The --export-marks option of fast-import is exposed\nalso via the in-stream command feature export-marks=... and it allows\noverwriting arbitrary paths (bsc#1158785)\n\nCVE-2019-1349: on Windows, when submodules are cloned recursively,\nunder certain circumstances Git could be fooled into using the same\nGit directory twice (bsc#1158787)\n\nCVE-2019-1350: Incorrect quoting of command-line arguments allowed\nremote code execution during a recursive clone in conjunction with SSH\nURLs (bsc#1158788)\n\nCVE-2019-1351: on Windows mistakes drive letters outside of the\nUS-English alphabet as relative paths (bsc#1158789)\n\nCVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams\n(bsc#1158790)\n\nCVE-2019-1353: when run in the Windows Subsystem for Linux while\naccessing a working directory on a regular Windows drive, none of the\nNTFS protections were active (bsc#1158791)\n\nCVE-2019-1354: on Windows refuses to write tracked files with\nfilenames that contain backslashes (bsc#1158792)\n\nCVE-2019-1387: Recursive clones vulnerability that is caused by\ntoo-lax validation of submodule names, allowing very targeted attacks\nvia remote code execution in recursive clones (bsc#1158793)\n\nCVE-2019-19604: a recursive clone followed by a submodule update could\nexecute code contained within the repository without the user\nexplicitly having asked for that (bsc#1158795)\n\ngit 2.24.0\n\nThe command line parser learned '--end-of-options' notation.\n\nA mechanism to affect the default setting for a (related) group of\nconfiguration variables is introduced.\n\n'git fetch' learned '--set-upstream' option to help those who first\nclone from their private fork they intend to push to, add the true\nupstream via 'git remote add' and then 'git fetch' from it.\n\nfixes and improvements to UI, workflow and features, bash completion\nfixes\n\ngit 2.23.0 :\n\nThe '--base' option of 'format-patch' computed the patch-ids for\nprerequisite patches in an unstable way, which has been updated to\ncompute in a way that is compatible with 'git patch-id\n\n--stable'.\n\nThe 'git log' command by default behaves as if the --mailmap option\nwas given.\n\nfixes and improvements to UI, workflow and features\n\ngit 2.22.1\n\nA relative pathname given to 'git init --template=<path> <repo>' ought\nto be relative to the directory 'git init' gets invoked in, but it\ninstead was made relative to the repository, which has been corrected.\n</repo></path>\n\n'git worktree add' used to fail when another worktree connected to the\nsame repository was corrupt, which has been corrected.\n\n'git am -i --resolved' segfaulted after trying to see a commit as if\nit were a tree, which has been corrected.\n\n'git merge --squash' is designed to update the working tree and the\nindex without creating the commit, and this cannot be countermanded by\nadding the '--commit' option; the command now refuses to work when\nboth options are given.\n\nUpdate to Unicode 12.1 width table.\n\n'git request-pull' learned to warn when the ref we ask them to pull\nfrom in the local repository and in the published repository are\ndifferent.\n\n'git fetch' into a lazy clone forgot to fetch base objects that are\nnecessary to complete delta in a thin packfile, which has been\ncorrected.\n\nThe URL decoding code has been updated to avoid going past the end of\nthe string while parsing %-<hex>-<hex> sequence. </hex></hex>\n\n'git clean' silently skipped a path when it cannot lstat() it; now it\ngives a warning.\n\n'git rm' to resolve a conflicted path leaked an internal message\n'needs merge' before actually removing the path, which was confusing.\nThis has been corrected.\n\nMany more bugfixes and code cleanups.\n\nremoval of SuSEfirewall2 service, since SuSEfirewall2 has been\nreplaced by firewalld.\n\npartial fix for git instaweb giving 500 error (bsc#1112230)\n\ngit 2.22.0\n\nThe filter specification '--filter=sparse:path=<path>' used to create\na lazy/partial clone has been removed. Using a blob that is part of\nthe project as sparse specification is still supported with the\n'--filter=sparse:oid=<blob>' option </blob></path>\n\n'git checkout --no-overlay' can be used to trigger a new mode of\nchecking out paths out of the tree-ish, that allows paths that match\nthe pathspec that are in the current index and working tree and are\nnot in the tree-ish.\n\nFour new configuration variables {author,committer}.{name,email} have\nbeen introduced to override user.{name,email} in more specific cases.\n\n'git branch' learned a new subcommand '--show-current'.\n\nThe command line completion (in contrib/) has been taught to complete\nmore subcommand parameters.\n\nThe completion helper code now pays attention to repository-local\nconfiguration (when available), which allows --list-cmds to honour a\nrepository specific setting of completion.commands, for example.\n\nThe list of conflicted paths shown in the editor while concluding a\nconflicted merge was shown above the scissors line when the clean-up\nmode is set to 'scissors', even though it was commented out just like\nthe list of updated paths and other information to help the user\nexplain the merge better.\n\n'git rebase' that was reimplemented in C did not set ORIG_HEAD\ncorrectly, which has been corrected.\n\n'git worktree add' used to do a 'find an available name with stat and\nthen mkdir', which is race-prone. This has been fixed by using mkdir\nand reacting to EEXIST in a loop.\n\nMove to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy\nDocBook 4.5 format.\n\nupdate git-web AppArmor profile for bash and tar usrMerge\n(bsc#1132350)\n\ngit 2.21.0\n\nHistorically, the '-m' (mainline) option can only be used for 'git\ncherry-pick' and 'git revert' when working with a merge commit. This\nversion of Git no longer warns or errors out when working with a\nsingle-parent commit, as long as the argument to the '-m' option is 1\n(i.e. it has only one parent, and the request is to pick or revert\nrelative to that first parent). Scripts that relied on the behaviour\nmay get broken with this change.\n\nSmall fixes and features for fast-export and fast-import.\n\nThe 'http.version' configuration variable can be used with recent\nenough versions of cURL library to force the version of HTTP used to\ntalk when fetching and pushing.\n\n'git push $there $src:$dst' rejects when $dst is not a fully qualified\nrefname and it is not clear what the end user meant.\n\nUpdate 'git multimail' from the upstream.\n\nA new date format '--date=human' that morphs its output depending on\nhow far the time is from the current time has been introduced.\n'--date=auto:human' can be used to use this new format (or any\nexisting format) when the output is going to the pager or to the\nterminal, and otherwise the default format.\n\nFix worktree creation race (bsc#1114225).\n\nadd shadow build dependency to the -daemon subpackage.\n\ngit 2.20.1 :\n\nportability fixes\n\n'git help -a' did not work well when an overly long alias was defined\n\nno longer squelched an error message when the run_command API failed\nto run a missing command\n\ngit 2.20.0\n\n'git help -a' now gives verbose output (same as 'git help -av'). Those\nwho want the old output may say 'git help --no-verbose -a'..\n\n'git send-email' learned to grab address-looking string on any trailer\nwhose name ends with '-by'.\n\n'git format-patch' learned new '--interdiff' and '--range-diff'\noptions to explain the difference between this version and the\nprevious attempt in the cover letter (or after the three-dashes as a\ncomment).\n\nDeveloper builds now use -Wunused-function compilation option.\n\nFix a bug in which the same path could be registered under multiple\nworktree entries if the path was missing (for instance, was removed\nmanually). Also, as a convenience, expand the number of cases in which\n\n--force is applicable.\n\nThe overly large Documentation/config.txt file have been split into\nmillion little pieces. This potentially allows each individual piece\nto be included into the manual page of the command it affects more\neasily.\n\nMalformed or crafted data in packstream can make our code attempt to\nread or write past the allocated buffer and abort, instead of\nreporting an error, which has been fixed.\n\nFix for a long-standing bug that leaves the index file corrupt when it\nshrinks during a partial commit.\n\n'git merge' and 'git pull' that merges into an unborn branch used to\ncompletely ignore '--verify-signatures', which has been corrected.\n\n...and much more features and fixes\n\ngit 2.19.2 :\n\nvarious bug fixes for multiple subcommands and operations\n\ngit 2.19.1 :\n\nCVE-2018-17456: Specially crafted .gitmodules files may have allowed\narbitrary code execution when the repository is cloned with\n\n--recurse-submodules (bsc#1110949)\n\ngit 2.19.0 :\n\n'git diff' compares the index and the working tree. For paths added\nwith intent-to-add bit, the command shows the full contents of them as\nadded, but the paths themselves were not marked as new files. They are\nnow shown as new by default.\n\n'git apply' learned the '--intent-to-add' option so that an otherwise\nworking-tree-only application of a patch will add new paths to the\nindex marked with the 'intent-to-add' bit.\n\n'git grep' learned the '--column' option that gives not just the line\nnumber but the column number of the hit.\n\nThe '-l' option in 'git branch -l' is an unfortunate short-hand for\n'--create-reflog', but many users, both old and new, somehow expect it\nto be something else, perhaps '--list'. This step warns when '-l' is\nused as a short-hand for '--create-reflog' and warns about the future\nrepurposing of the it when it is used.\n\nThe userdiff pattern for .php has been updated.\n\nThe content-transfer-encoding of the message 'git send-email' sends\nout by default was 8bit, which can cause trouble when there is an\noverlong line to bust RFC 5322/2822 limit. A new option 'auto' to\nautomatically switch to quoted-printable when there is such a line in\nthe payload has been introduced and is made the default.\n\n'git checkout' and 'git worktree add' learned to honor\ncheckout.defaultRemote when auto-vivifying a local branch out of a\nremote tracking branch in a repository with multiple remotes that have\ntracking branches that share the same names. (merge 8d7b558bae\nab/checkout-default-remote later to maint).\n\n'git grep' learned the '--only-matching' option.\n\n'git rebase --rebase-merges' mode now handles octopus merges as well.\n\nAdd a server-side knob to skip commits in exponential/fibbonacci\nstride in an attempt to cover wider swath of history with a smaller\nnumber of iterations, potentially accepting a larger packfile\ntransfer, instead of going back one commit a time during common\nancestor discovery during the 'git fetch' transaction. (merge\n42cc7485a2 jt/fetch-negotiator-skipping later to maint).\n\nA new configuration variable core.usereplacerefs has been added,\nprimarily to help server installations that want to ignore the replace\nmechanism altogether.\n\nTeach 'git tag -s' etc. a few configuration variables (gpg.format that\ncan be set to 'openpgp' or 'x509', and gpg.<format>.program that is\nused to specify what program to use to deal with the format) to allow\nx.509 certs with CMS via 'gpgsm' to be used instead of openpgp via\n'gnupg'. </format>\n\nMany more strings are prepared for l10n.\n\n'git p4 submit' learns to ask its own pre-submit hook if it should\ncontinue with submitting.\n\nThe test performed at the receiving end of 'git push' to prevent bad\nobjects from entering repository can be customized via receive.fsck.*\nconfiguration variables; we now have gained a counterpart to do the\nsame on the 'git fetch' side, with fetch.fsck.* configuration\nvariables.\n\n'git pull --rebase=interactive' learned 'i' as a short-hand for\n'interactive'.\n\n'git instaweb' has been adjusted to run better with newer Apache on\nRedHat based distros.\n\n'git range-diff' is a reimplementation of 'git tbdiff' that lets us\ncompare individual patches in two iterations of a topic.\n\nThe sideband code learned to optionally paint selected keywords at the\nbeginning of incoming lines on the receiving end.\n\n'git branch --list' learned to take the default sort order from the\n'branch.sort' configuration variable, just like 'git tag --list' pays\nattention to 'tag.sort'.\n\n'git worktree' command learned '--quiet' option to make it less\nverbose.\n\ngit 2.18.0 :\n\nimprovements to rename detection logic\n\nWhen built with more recent cURL, GIT_SSL_VERSION can now specify\n'tlsv1.3' as its value.\n\n'git mergetools' learned talking to guiffy.\n\nvarious other workflow improvements and fixes\n\nperformance improvements and other developer visible fixes\n\ngit 2.17.1\n\nSubmodule 'names' come from the untrusted .gitmodules file, but we\nblindly append them to $GIT_DIR/modules to create our on-disk repo\npaths. This means you can do bad things by putting '../' into the\nname. We now enforce some rules for submodule names which will cause\nGit to ignore these malicious names (CVE-2018-11235, bsc#1095219)\n\nIt was possible to trick the code that sanity-checks paths on NTFS\ninto reading random piece of memory (CVE-2018-11233, bsc#1095218)\n\nSupport on the server side to reject pushes to repositories that\nattempt to create such problematic .gitmodules file etc. as tracked\ncontents, to help hosting sites protect their customers by preventing\nmalicious contents from spreading.\n\ngit 2.17.0 :\n\n'diff' family of commands learned '--find-object=<object-id>' option\nto limit the findings to changes that involve the named object.\n</object-id>\n\n'git format-patch' learned to give 72-cols to diffstat, which is\nconsistent with other line length limits the subcommand uses for its\noutput meant for e-mails.\n\nThe log from 'git daemon' can be redirected with a new option; one\nrelevant use case is to send the log to standard error (instead of\nsyslog) when running it from inetd.\n\n'git rebase' learned to take '--allow-empty-message' option.\n\n'git am' has learned the '--quit' option, in addition to the existing\n'--abort' option; having the pair mirrors a few other commands like\n'rebase' and 'cherry-pick'.\n\n'git worktree add' learned to run the post-checkout hook, just like\n'git clone' runs it upon the initial checkout.\n\n'git tag' learned an explicit '--edit' option that allows the message\ngiven via '-m' and '-F' to be further edited.\n\n'git fetch --prune-tags' may be used as a handy short-hand for getting\nrid of stale tags that are locally held.\n\nThe new '--show-current-patch' option gives an end-user facing way to\nget the diff being applied when 'git rebase' (and 'git am') stops with\na conflict.\n\n'git add -p' used to offer '/' (look for a matching hunk) as a choice,\neven there was only one hunk, which has been corrected. Also the\nsingle-key help is now given only for keys that are enabled (e.g. help\nfor '/' won't be shown when there is only one hunk).\n\nSince Git 1.7.9, 'git merge' defaulted to --no-ff (i.e. even when the\nside branch being merged is a descendant of the current commit, create\na merge commit instead of fast-forwarding) when merging a tag object.\nThis was appropriate default for integrators who pull signed tags from\ntheir downstream contributors, but caused an unnecessary merges when\nused by downstream contributors who habitually 'catch up' their topic\nbranches with tagged releases from the upstream. Update 'git merge' to\ndefault to --no-ff only when merging a tag object that does *not* sit\nat its usual place in refs/tags/ hierarchy, and allow fast-forwarding\notherwise, to mitigate the problem.\n\n'git status' can spend a lot of cycles to compute the relation between\nthe current branch and its upstream, which can now be disabled with\n'--no-ahead-behind' option.\n\n'git diff' and friends learned funcname patterns for Go language\nsource files.\n\n'git send-email' learned '--reply-to=<address>' option. </address>\n\nFuncname pattern used for C# now recognizes 'async' keyword.\n\nIn a way similar to how 'git tag' learned to honor the pager setting\nonly in the list mode, 'git config' learned to ignore the pager\nsetting when it is used for setting values (i.e. when the purpose of\nthe operation is not to 'show').\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1063412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095219\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112230\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114225\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158785\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158787\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169786\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-15298/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-11233/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-11235/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-17456/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1348/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1349/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1350/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1351/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1352/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1353/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1354/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1387/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19604/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-11008/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-5260/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201121-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?47879213\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1121=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Development-Tools-15-SP1-2020-1121=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1121=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Malicious Git HTTP Server For CVE-2018-17456');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-arch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-libsecret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-credential-libsecret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-svn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-arch-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-core-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-core-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-gnome-keyring-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-gnome-keyring-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-libsecret-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-credential-libsecret-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-cvs-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-daemon-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-daemon-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-debugsource-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-email-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-gui-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-p4-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-svn-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-svn-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"git-web-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gitk-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-arch-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-core-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-core-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-gnome-keyring-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-gnome-keyring-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-libsecret-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-credential-libsecret-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-cvs-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-daemon-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-daemon-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-debugsource-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-email-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-gui-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-p4-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-svn-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-svn-debuginfo-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"git-web-2.26.1-3.25.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gitk-2.26.1-3.25.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T12:50:01", "description": "The remote host is affected by the vulnerability described in GLSA-202003-42 (libgit2: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libgit2. Please review the CVE identifiers referenced below for details.\n Impact :\n\n An attacker could possibly overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-03-20T00:00:00", "type": "nessus", "title": "GLSA-202003-42 : libgit2: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1348", "CVE-2019-1350", "CVE-2019-1387"], "modified": "2020-03-24T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libgit2", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202003-42.NASL", "href": "https://www.tenable.com/plugins/nessus/134728", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-42.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134728);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/24\");\n\n script_cve_id(\"CVE-2019-1348\", \"CVE-2019-1350\", \"CVE-2019-1387\");\n script_xref(name:\"GLSA\", value:\"202003-42\");\n\n script_name(english:\"GLSA-202003-42 : libgit2: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-42\n(libgit2: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libgit2. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n An attacker could possibly overwrite arbitrary paths, execute arbitrary\n code, and overwrite files in the .git directory.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-42\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libgit2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/libgit2-0.28.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libgit2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/libgit2\", unaffected:make_list(\"ge 0.28.4\"), vulnerable:make_list(\"lt 0.28.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgit2\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-15T13:46:18", "description": "This update for git fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host (bsc#1168930).\n\nNon-security issue fixed :\n\ngit was updated to 2.26.0 for SHA256 support (bsc#1167890, jsc#SLE-11608): the xinetd snippet was removed\n\nthe System V init script for the git-daemon was replaced by a systemd service file of the same name.\n\ngit 2.26.0: 'git rebase' now uses a different backend that is based on the 'merge' machinery by default. The 'rebase.backend' configuration variable reverts to old behaviour when set to 'apply'\n\nImproved handling of sparse checkouts\n\nImprovements to many commands and internal features\n\ngit 2.25.1: 'git commit' now honors advise.statusHints\n\nvarious updates, bug fixes and documentation updates\n\ngit 2.25.0: The branch description ('git branch --edit-description') has been used to fill the body of the cover letters by the format-patch command; this has been enhanced so that the subject can also be filled.\n\nA few commands learned to take the pathspec from the standard input or a named file, instead of taking it as the command line arguments, with the '--pathspec-from-file' option.\n\nTest updates to prepare for SHA-2 transition continues.\n\nRedo 'git name-rev' to avoid recursive calls.\n\nWhen all files from some subdirectory were renamed to the root directory, the directory rename heuristics would fail to detect that as a rename/merge of the subdirectory to the root directory, which has been corrected.\n\nHTTP transport had possible allocator/deallocator mismatch, which has been corrected.\n\ngit 2.24.1: CVE-2019-1348: The --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785)\n\nCVE-2019-1349: on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787)\n\nCVE-2019-1350: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788)\n\nCVE-2019-1351: on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789)\n\nCVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790)\n\nCVE-2019-1353: when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791)\n\nCVE-2019-1354: on Windows refuses to write tracked files with filenames that contain backslashes (bsc#1158792)\n\nCVE-2019-1387: Recursive clones vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793)\n\nCVE-2019-19604: a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795)\n\nFix building with asciidoctor and without DocBook4 stylesheets.\n\ngit 2.24.0 The command line parser learned '--end-of-options' notation.\n\nA mechanism to affect the default setting for a (related) group of configuration variables is introduced.\n\n'git fetch' learned '--set-upstream' option to help those who first clone from their private fork they intend to push to, add the true upstream via 'git remote add' and then 'git fetch' from it.\n\nfixes and improvements to UI, workflow and features, bash completion fixes\n\npart of it merged upstream\n\nthe Makefile attempted to download some documentation, banned\n\ngit 2.23.0: The '--base' option of 'format-patch' computed the patch-ids for prerequisite patches in an unstable way, which has been updated to compute in a way that is compatible with 'git patch-id\n\n--stable'.\n\nThe 'git log' command by default behaves as if the --mailmap option was given.\n\nfixes and improvements to UI, workflow and features\n\ngit 2.22.1: A relative pathname given to 'git init\n--template=<path><repo>' ought to be relative to the directory 'git init' gets invoked in, but it instead was made relative to the repository, which has been corrected. </repo></path>\n\n'git worktree add' used to fail when another worktree connected to the same repository was corrupt, which has been corrected.\n\n'git am -i --resolved' segfaulted after trying to see a commit as if it were a tree, which has been corrected.\n\n'git merge --squash' is designed to update the working tree and the index without creating the commit, and this cannot be countermanded by adding the '--commit' option; the command now refuses to work when both options are given.\n\nUpdate to Unicode 12.1 width table.\n\n'git request-pull' learned to warn when the ref we ask them to pull from in the local repository and in the published repository are different.\n\n'git fetch' into a lazy clone forgot to fetch base objects that are necessary to complete delta in a thin packfile, which has been corrected.\n\nThe URL decoding code has been updated to avoid going past the end of the string while parsing %-<hex>-<hex> sequence. </hex></hex>\n\n'git clean' silently skipped a path when it cannot lstat() it; now it gives a warning.\n\n'git rm' to resolve a conflicted path leaked an internal message 'needs merge' before actually removing the path, which was confusing.\nThis has been corrected.\n\nMany more bugfixes and code cleanups.\n\nremoval of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]:\nhttps://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html\n\ngit 2.22.0: The filter specification '--filter=sparse:path=<path>' used to create a lazy/partial clone has been removed. Using a blob that is part of the project as sparse specification is still supported with the '--filter=sparse:oid=<blob>' option </blob></path>\n\n'git checkout --no-overlay' can be used to trigger a new mode of checking out paths out of the tree-ish, that allows paths that match the pathspec that are in the current index and working tree and are not in the tree-ish.\n\nFour new configuration variables {author,committer}.{name,email} have been introduced to override user.{name,email} in more specific cases.\n\n'git branch' learned a new subcommand '--show-current'.\n\nThe command line completion (in contrib/) has been taught to complete more subcommand parameters.\n\nThe completion helper code now pays attention to repository-local configuration (when available), which allows --list-cmds to honour a repository specific setting of completion.commands, for example.\n\nThe list of conflicted paths shown in the editor while concluding a conflicted merge was shown above the scissors line when the clean-up mode is set to 'scissors', even though it was commented out just like the list of updated paths and other information to help the user explain the merge better.\n\n'git rebase' that was reimplemented in C did not set ORIG_HEAD correctly, which has been corrected.\n\n'git worktree add' used to do a 'find an available name with stat and then mkdir', which is race-prone. This has been fixed by using mkdir and reacting to EEXIST in a loop.\n\nupdate git-web AppArmor profile for bash and tar usrMerge (bsc#1132350)\n\ngit 2.21.0: Historically, the '-m' (mainline) option can only be used for 'git cherry-pick' and 'git revert' when working with a merge commit. This version of Git no longer warns or errors out when working with a single-parent commit, as long as the argument to the '-m' option is 1 (i.e. it has only one parent, and the request is to pick or revert relative to that first parent). Scripts that relied on the behaviour may get broken with this change.\n\nSmall fixes and features for fast-export and fast-import.\n\nThe 'http.version' configuration variable can be used with recent enough versions of cURL library to force the version of HTTP used to talk when fetching and pushing.\n\n'git push $there $src:$dst' rejects when $dst is not a fully qualified refname and it is not clear what the end user meant.\n\nUpdate 'git multimail' from the upstream.\n\nA new date format '--date=human' that morphs its output depending on how far the time is from the current time has been introduced.\n'--date=auto:human' can be used to use this new format (or any existing format) when the output is going to the pager or to the terminal, and otherwise the default format.\n\nFix worktree creation race (bsc#1114225).\n\ngit 2.20.1: portability fixes\n\n'git help -a' did not work well when an overly long alias was defined\n\nno longer squelched an error message when the run_command API failed to run a missing command\n\ngit 2.20.0: 'git help -a' now gives verbose output (same as 'git help\n-av'). Those who want the old output may say 'git help --no-verbose\n-a'..\n\n'git send-email' learned to grab address-looking string on any trailer whose name ends with '-by'.\n\n'git format-patch' learned new '--interdiff' and '--range-diff' options to explain the difference between this version and the previous attempt in the cover letter (or after the three-dashes as a comment).\n\nDeveloper builds now use -Wunused-function compilation option.\n\nFix a bug in which the same path could be registered under multiple worktree entries if the path was missing (for instance, was removed manually). Also, as a convenience, expand the number of cases in which\n\n--force is applicable.\n\nThe overly large Documentation/config.txt file have been split into million little pieces. This potentially allows each individual piece to be included into the manual page of the command it affects more easily.\n\nMalformed or crafted data in packstream can make our code attempt to read or write past the allocated buffer and abort, instead of reporting an error, which has been fixed.\n\nFix for a long-standing bug that leaves the index file corrupt when it shrinks during a partial commit.\n\n'git merge' and 'git pull' that merges into an unborn branch used to completely ignore '--verify-signatures', which has been corrected.\n\n...and much more features and fixes\n\nfix CVE-2018-19486 (bsc#1117257)\n\ngit 2.19.2: various bug fixes for multiple subcommands and operations\n\ngit 2.19.1: CVE-2018-17456: Specially crafted .gitmodules files may have allowed arbitrary code execution when the repository is cloned with\n\n--recurse-submodules (bsc#1110949)\n\ngit 2.19.0: 'git diff' compares the index and the working tree. For paths added with intent-to-add bit, the command shows the full contents of them as added, but the paths themselves were not marked as new files. They are now shown as new by default.\n\n'git apply' learned the '--intent-to-add' option so that an otherwise working-tree-only application of a patch will add new paths to the index marked with the 'intent-to-add' bit.\n\n'git grep' learned the '--column' option that gives not just the line number but the column number of the hit.\n\nThe '-l' option in 'git branch -l' is an unfortunate short-hand for '--create-reflog', but many users, both old and new, somehow expect it to be something else, perhaps '--list'. This step warns when '-l' is used as a short-hand for '--create-reflog' and warns about the future repurposing of the it when it is used.\n\nThe userdiff pattern for .php has been updated.\n\nThe content-transfer-encoding of the message 'git send-email' sends out by default was 8bit, which can cause trouble when there is an overlong line to bust RFC 5322/2822 limit. A new option 'auto' to automatically switch to quoted-printable when there is such a line in the payload has been introduced and is made the default.\n\n'git checkout' and 'git worktree add' learned to honor checkout.defaultRemote when auto-vivifying a local branch out of a remote tracking branch in a repository with multiple remotes that have tracking branches that share the same names. (merge 8d7b558bae ab/checkout-default-remote later to maint).\n\n'git grep' learned the '--only-matching' option.\n\n'git rebase --rebase-merges' mode now handles octopus merges as well.\n\nAdd a server-side knob to skip commits in exponential/fibbonacci stride in an attempt to cover wider swath of history with a smaller number of iterations, potentially accepting a larger packfile transfer, instead of going back one commit a time during common ancestor discovery during the 'git fetch' transaction. (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint).\n\nA new configuration variable core.usereplacerefs has been added, primarily to help server installations that want to ignore the replace mechanism altogether.\n\nTeach 'git tag -s' etc. a few configuration variables (gpg.format that can be set to 'openpgp' or 'x509', and gpg.<format>.program that is used to specify what program to use to deal with the format) to allow x.509 certs with CMS via 'gpgsm' to be used instead of openpgp via 'gnupg'. </format>\n\nMany more strings are prepared for l10n.\n\n'git p4 submit' learns to ask its own pre-submit hook if it should continue with submitting.\n\nThe test performed at the receiving end of 'git push' to prevent bad objects from entering repository can be customized via receive.fsck.* configuration variables; we now have gained a counterpart to do the same on the 'git fetch' side, with fetch.fsck.* configuration variables.\n\n'git pull --rebase=interactive' learned 'i' as a short-hand for 'interactive'.\n\n'git instaweb' has been adjusted to run better with newer Apache on RedHat based distros.\n\n'git range-diff' is a reimplementation of 'git tbdiff' that lets us compare individual patches in two iterations of a topic.\n\nThe sideband code learned to optionally paint selected keywords at the beginning of incoming lines on the receiving end.\n\n'git branch --list' learned to take the default sort order from the 'branch.sort' configuration variable, just like 'git tag --list' pays attention to 'tag.sort'.\n\n'git worktree' command learned '--quiet' option to make it less verbose.\n\ngit 2.18.0: improvements to rename detection logic\n\nWhen built with more recent cURL, GIT_SSL_VERSION can now specify 'tlsv1.3' as its value.\n\n'git mergetools' learned talking to guiffy.\n\nvarious other workflow improvements and fixes\n\nperformance improvements and other developer visible fixes\n\nUpdate to git 2.16.4: security fix release\n\ngit 2.17.1: Submodule 'names' come from the untrusted .gitmodules file, but we blindly append them to $GIT_DIR/modules to create our on-disk repo paths. This means you can do bad things by putting '../' into the name. We now enforce some rules for submodule names which will cause Git to ignore these malicious names (CVE-2018-11235, bsc#1095219)\n\nIt was possible to trick the code that sanity-checks paths on NTFS into reading random piece of memory (CVE-2018-11233, bsc#1095218)\n\nSupport on the server side to reject pushes to repositories that attempt to create such problematic .gitmodules file etc. as tracked contents, to help hosting sites protect their customers by preventing malicious contents from spreading.\n\ngit 2.17.0: 'diff' family of commands learned '--find-object=<object-id>' option to limit the findings to changes that involve the named object. </object-id>\n\n'git format-patch' learned to give 72-cols to diffstat, which is consistent with other line length limits the subcommand uses for its output meant for e-mails.\n\nThe log from 'git daemon' can be redirected with a new option; one relevant use case is to send the log to standard error (instead of syslog) when running it from inetd.\n\n'git rebase' learned to take '--allow-empty-message' option.\n\n'git am' has learned the '--quit' option, in addition to the existing '--abort' option; having the pair mirrors a few other commands like 'rebase' and 'cherry-pick'.\n\n'git worktree add' learned to run the post-checkout hook, just like 'git clone' runs it upon the initial checkout.\n\n'git tag' learned an explicit '--edit' option that allows the message given via '-m' and '-F' to be further edited.\n\n'git fetch --prune-tags' may be used as a handy short-hand for getting rid of stale tags that are locally held.\n\nThe new '--show-current-patch' option gives an end-user facing way to get the diff being applied when 'git rebase' (and 'git am') stops with a conflict.\n\n'git add -p' used to offer '/' (look for a matching hunk) as a choice, even there was only one hunk, which has been corrected. Also the single-key help is now given only for keys that are enabled (e.g. help for '/' won't be shown when there is only one hunk).\n\nSince Git 1.7.9, 'git merge' defaulted to --no-ff (i.e. even when the side branch being merged is a descendant of the current commit, create a merge commit instead of fast-forwarding) when merging a tag object.\nThis was appropriate default for integrators who pull signed tags from their downstream contributors, but caused an unnecessary merges when used by downstream contributors who habitually 'catch up' their topic branches with tagged releases from the upstream. Update 'git merge' to default to --no-ff only when merging a tag object that does *not* sit at its usual place in refs/tags/ hierarchy, and allow fast-forwarding otherwise, to mitigate the problem.\n\n'git status' can spend a lot of cycles to compute the relation between the current branch and its upstream, which can now be disabled with '--no-ahead-behind' option.\n\n'git diff' and friends learned funcname patterns for Go language source files.\n\n'git send-email' learned '--reply-to=<address>' option. </address>\n\nFuncname pattern used for C# now recognizes 'async' keyword.\n\nIn a way similar to how 'git tag' learned to honor the pager setting only in the list mode, 'git config' learned to ignore the pager setting when it is used for setting values (i.e. when the purpose of the operation is not to 'show').\n\nUse %license instead of %doc [bsc#1082318]\n\ngit 2.16.3: 'git status' after moving a path in the working tree (hence making it appear 'removed') and then adding with the -N option (hence making that appear 'added') detected it as a rename, but did not report the old and new pathnames correctly.\n\n'git commit --fixup' did not allow '-m<message>' option to be used at the same time; allow it to annotate resulting commit with more text.\n</message>\n\nWhen resetting the working tree files recursively, the working tree of submodules are now also reset to match.\n\nFix for a commented-out code to adjust it to a rather old API change around object ID.\n\nWhen there are too many changed paths, 'git diff' showed a warning message but in the middle of a line.\n\nThe http tracing code, often used to debug connection issues, learned to redact potentially sensitive information from its output so that it can be more safely sharable.\n\nCrash fix for a corner case where an error codepath tried to unlock what it did not acquire lock on.\n\nThe split-index mode had a few corner case bugs fixed.\n\nAssorted fixes to 'git daemon'.\n\nCompletion of 'git merge -s<strategy>' (in contrib/) did not work well in non-C locale. </strategy>\n\nWorkaround for segfault with more recent versions of SVN.\n\nRecently introduced leaks in fsck have been plugged.\n\nTravis CI integration now builds the executable in 'script' phase to follow the established practice, rather than during 'before_script' phase. This allows the CI categorize the failures better ('failed' is project's fault, 'errored' is build environment's).\n\nDrop superfluous xinetd snippet, no longer used (bsc#1084460)\n\nBuild with asciidoctor for the recent distros (bsc#1075764)\n\nMove %{?systemd_requires} to daemon subpackage\n\nCreate subpackage for libsecret credential helper.\n\ngit 2.16.2: An old regression in 'git describe --all $annotated_tag^0' has been fixed.\n\n'git svn dcommit' did not take into account the fact that a svn+ssh:// URL with a username@ (typically used for pushing) refers to the same SVN repository without the username@ and failed when svn.pushmergeinfo option is set.\n\n'git merge -Xours/-Xtheirs' learned to use our/their version when resolving a conflicting updates to a symbolic link.\n\n'git clone $there $here' is allowed even when here directory exists as long as it is an empty directory, but the command incorrectly removed it upon a failure of the operation.\n\n'git stash -- <pathspec>' incorrectly blew away untracked files in the directory that matched the pathspec, which has been corrected.\n</pathspec>\n\n'git add -p' was taught to ignore local changes to submodules as they do not interfere with the partial addition of regular changes anyway.\n\ngit 2.16.1: 'git clone' segfaulted when cloning a project that happens to track two paths that differ only in case on a case insensitive filesystem\n\ngit 2.16.0 (CVE-2017-15298, bsc#1063412): See https://raw.github.com/git/git/master/Documentation/RelNotes/2.16.0.tx t\n\ngit 2.15.1: fix 'auto' column output\n\nfixes to moved lines diffing\n\ndocumentation updates\n\nfix use of repositories immediately under the root directory\n\nimprove usage of libsecret\n\nfixes to various error conditions in git commands\n\nRewrite from sysv init to systemd unit file for git-daemon (bsc#1069803)\n\nReplace references to /var/adm/fillup-templates with new %_fillupdir macro (bsc#1069468)\n\nsplit off p4 to a subpackage (bsc#1067502)\n\nBuild with the external libsha1detectcoll (bsc#1042644)\n\ngit 2.15.0: Use of an empty string as a pathspec element that is used for 'everything matches' is still warned and Git asks users to use a more explicit '.' for that instead. Removal scheduled for 2.16\n\nGit now avoids blindly falling back to '.git' when the setup sequence said we are _not_ in Git repository (another corner case removed)\n\n'branch --set-upstream' was retired, deprecated since 1.8\n\nmany other improvements and updates\n\ngit 2.14.3: git send-email understands more cc: formats\n\nfixes so gitk --bisect\n\ngit commit-tree fixed to handle -F file alike\n\nPrevent segfault in 'git cat-file --textconv'\n\nFix function header parsing for HTML\n\nVarious small fixes to user commands and and internal functions\n\ngit 2.14.2: fixes to color output\n\nhttp.{sslkey,sslCert} now interpret '~[username]/' prefix\n\nfixes to walking of reflogs via 'log -g' and friends\n\nvarious fixes to output correctness\n\n'git push --recurse-submodules $there HEAD:$target' is now propagated down to the submodules\n\n'git clone --recurse-submodules --quiet' c$how propagates quiet option down to submodules.\n\n'git svn --localtime' correctness fixes\n\n'git grep -L' and 'git grep --quiet -L' now report same exit code\n\nfixes to 'git apply' when converting line endings\n\nVarious Perl scripts did not use safe_pipe_capture() instead of backticks, leaving them susceptible to end-user input. CVE-2017-14867 bsc#1061041\n\n'git cvsserver' no longer is invoked by 'git daemon' by default\n\ngit 2.14.1 (bsc#1052481): Security fix for CVE-2017-1000117: A malicious third-party can give a crafted 'ssh://...' URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running 'git clone\n--recurse-submodules' to trigger the vulnerability.\n\nA 'ssh://...' URL can result in a 'ssh' command line with a hostname that begins with a dash '-', which would cause the 'ssh' command to instead (mis)treat it as an option. This is now prevented by forbidding such a hostname (which should not impact any real-world usage).\n\nSimilarly, when GIT_PROXY_COMMAND is configured, the command is run with host and port that are parsed out from 'ssh://...' URL; a poorly written GIT_PROXY_COMMAND could be tricked into treating a string that begins with a dash '-' as an option. This is now prevented by forbidding such a hostname and port number (again, which should not impact any real-world usage).\n\nIn the same spirit, a repository name that begins with a dash '-' is also forbidden now.\n\ngit 2.14.0: Use of an empty string as a pathspec element that is used for 'everything matches' is deprecated, use '.'\n\nAvoid blindly falling back to '.git' when the setup sequence indicates operation not on a Git repository\n\n'indent heuristics' are now the default.\n\nBuilds with pcre2\n\nMany bug fixes, improvements and updates\n\ngit 2.13.4: Update the character width tables.\n\nFix an alias that contained an uppercase letter\n\nProgress meter fixes\n\ngit gc concurrency fixes\n\ngit 2.13.3: various internal bug fixes\n\nFix a regression to 'git rebase -i'\n\nCorrect unaligned 32-bit access in pack-bitmap code\n\nTighten error checks for invalid 'git apply' input\n\nThe split index code did not honor core.sharedrepository setting correctly\n\nFix 'git branch --list' handling of color.branch.local\n\ngit 2.13.2: 'collision detecting' SHA-1 update for platform fixes\n\n'git checkout --recurse-submodules' did not quite work with a submodule that itself has submodules.\n\nThe 'run-command' API implementation has been made more robust against dead-locking in a threaded environment.\n\n'git clean -d' now only cleans ignored files with '-x'\n\n'git status --ignored' did not list ignored and untracked files without '-uall'\n\n'git pull --rebase --autostash' didn't auto-stash when the local history fast-forwards to the upstream.\n\n'git describe --contains' gives as much weight to lightweight tags as annotated tags\n\nFix 'git stash push <pathspec>' from a subdirectory </pathspec>\n\ngit 2.13.1: Setting 'log.decorate=false' in the configuration file did not take effect in v2.13, which has been corrected.\n\ncorrections to documentation and command help output\n\ngarbage collection fixes\n\nmemory leaks fixed\n\nreceive-pack now makes sure that the push certificate records the same set of push options used for pushing\n\nshell completion corrections for git stash\n\nfix 'git clone --config var=val' with empty strings\n\ninternal efficiency improvements\n\nUpdate sha1 collision detection code for big-endian platforms and platforms not supporting unaligned fetches\n\nFix packaging of documentation\n\ngit 2.13.0: empty string as a pathspec element for 'everything matches' is still warned, for future removal.\n\ndeprecated argument order 'git merge <msg> HEAD <commit>...' was removed </commit></msg>\n\ndefault location '~/.git-credential-cache/socket' for the socket used to communicate with the credential-cache daemon moved to '~/.cache/git/credential/socket'.\n\nnow avoid blindly falling back to '.git' when the setup sequence indicated otherwise\n\nmany workflow features, improvements and bug fixes\n\nadd a hardened implementation of SHA1 in response to practical collision attacks (CVE-2005-4900, bsc#1042640)\n\nCVE-2017-8386: On a server running git-shell as login shell to restrict user to git commands, remote users may have been able to have git service programs spawn an interactive pager and thus escape the shell restrictions. (bsc#1038395)\n\nChanges in pcre2: Include the libraries, development and tools packages.\n\ngit uses only libpcre2-8 so far, but this allows further application usage of pcre2.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : git (SUSE-SU-2020:0992-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4900", "CVE-2017-1000117", "CVE-2017-14867", "CVE-2017-15298", "CVE-2017-8386", "CVE-2018-11233", "CVE-2018-11235", "CVE-2018-17456", "CVE-2018-19486", "CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604", "CVE-2020-5260"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:git-core", "p-cpe:/a:novell:suse_linux:git-core-debuginfo", "p-cpe:/a:novell:suse_linux:git-debugsource", "p-cpe:/a:novell:suse_linux:libpcre2-16", "p-cpe:/a:novell:suse_linux:libpcre2-16-0-debuginfo", "p-cpe:/a:novell:suse_linux:libpcre2-32", "p-cpe:/a:novell:suse_linux:libpcre2-32-0-debuginfo", "p-cpe:/a:novell:suse_linux:libpcre2-8", "p-cpe:/a:novell:suse_linux:libpcre2-8-0-debuginfo", "p-cpe:/a:novell:suse_linux:libpcre2-posix2", "p-cpe:/a:novell:suse_linux:libpcre2-posix2-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-0992-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135580", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0992-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135580);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2005-4900\",\n \"CVE-2017-8386\",\n \"CVE-2017-14867\",\n \"CVE-2017-15298\",\n \"CVE-2017-1000117\",\n \"CVE-2018-11233\",\n \"CVE-2018-11235\",\n \"CVE-2018-17456\",\n \"CVE-2018-19486\",\n \"CVE-2019-1348\",\n \"CVE-2019-1349\",\n \"CVE-2019-1350\",\n \"CVE-2019-1351\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2019-1354\",\n \"CVE-2019-1387\",\n \"CVE-2019-19604\",\n \"CVE-2020-5260\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : git (SUSE-SU-2020:0992-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for git fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2020-5260: With a crafted URL that contains a newline in it, the\ncredential helper machinery can be fooled to give credential\ninformation for a wrong host (bsc#1168930).\n\nNon-security issue fixed :\n\ngit was updated to 2.26.0 for SHA256 support (bsc#1167890,\njsc#SLE-11608): the xinetd snippet was removed\n\nthe System V init script for the git-daemon was replaced by a systemd\nservice file of the same name.\n\ngit 2.26.0: 'git rebase' now uses a different backend that is based on\nthe 'merge' machinery by default. The 'rebase.backend' configuration\nvariable reverts to old behaviour when set to 'apply'\n\nImproved handling of sparse checkouts\n\nImprovements to many commands and internal features\n\ngit 2.25.1: 'git commit' now honors advise.statusHints\n\nvarious updates, bug fixes and documentation updates\n\ngit 2.25.0: The branch description ('git branch --edit-description')\nhas been used to fill the body of the cover letters by the\nformat-patch command; this has been enhanced so that the subject can\nalso be filled.\n\nA few commands learned to take the pathspec from the standard input or\na named file, instead of taking it as the command line arguments, with\nthe '--pathspec-from-file' option.\n\nTest updates to prepare for SHA-2 transition continues.\n\nRedo 'git name-rev' to avoid recursive calls.\n\nWhen all files from some subdirectory were renamed to the root\ndirectory, the directory rename heuristics would fail to detect that\nas a rename/merge of the subdirectory to the root directory, which has\nbeen corrected.\n\nHTTP transport had possible allocator/deallocator mismatch, which has\nbeen corrected.\n\ngit 2.24.1: CVE-2019-1348: The --export-marks option of fast-import is\nexposed also via the in-stream command feature export-marks=... and it\nallows overwriting arbitrary paths (bsc#1158785)\n\nCVE-2019-1349: on Windows, when submodules are cloned recursively,\nunder certain circumstances Git could be fooled into using the same\nGit directory twice (bsc#1158787)\n\nCVE-2019-1350: Incorrect quoting of command-line arguments allowed\nremote code execution during a recursive clone in conjunction with SSH\nURLs (bsc#1158788)\n\nCVE-2019-1351: on Windows mistakes drive letters outside of the\nUS-English alphabet as relative paths (bsc#1158789)\n\nCVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams\n(bsc#1158790)\n\nCVE-2019-1353: when run in the Windows Subsystem for Linux while\naccessing a working directory on a regular Windows drive, none of the\nNTFS protections were active (bsc#1158791)\n\nCVE-2019-1354: on Windows refuses to write tracked files with\nfilenames that contain backslashes (bsc#1158792)\n\nCVE-2019-1387: Recursive clones vulnerability that is caused by\ntoo-lax validation of submodule names, allowing very targeted attacks\nvia remote code execution in recursive clones (bsc#1158793)\n\nCVE-2019-19604: a recursive clone followed by a submodule update could\nexecute code contained within the repository without the user\nexplicitly having asked for that (bsc#1158795)\n\nFix building with asciidoctor and without DocBook4 stylesheets.\n\ngit 2.24.0 The command line parser learned '--end-of-options'\nnotation.\n\nA mechanism to affect the default setting for a (related) group of\nconfiguration variables is introduced.\n\n'git fetch' learned '--set-upstream' option to help those who first\nclone from their private fork they intend to push to, add the true\nupstream via 'git remote add' and then 'git fetch' from it.\n\nfixes and improvements to UI, workflow and features, bash completion\nfixes\n\npart of it merged upstream\n\nthe Makefile attempted to download some documentation, banned\n\ngit 2.23.0: The '--base' option of 'format-patch' computed the\npatch-ids for prerequisite patches in an unstable way, which has been\nupdated to compute in a way that is compatible with 'git patch-id\n\n--stable'.\n\nThe 'git log' command by default behaves as if the --mailmap option\nwas given.\n\nfixes and improvements to UI, workflow and features\n\ngit 2.22.1: A relative pathname given to 'git init\n--template=<path><repo>' ought to be relative to the directory 'git\ninit' gets invoked in, but it instead was made relative to the\nrepository, which has been corrected. </repo></path>\n\n'git worktree add' used to fail when another worktree connected to the\nsame repository was corrupt, which has been corrected.\n\n'git am -i --resolved' segfaulted after trying to see a commit as if\nit were a tree, which has been corrected.\n\n'git merge --squash' is designed to update the working tree and the\nindex without creating the commit, and this cannot be countermanded by\nadding the '--commit' option; the command now refuses to work when\nboth options are given.\n\nUpdate to Unicode 12.1 width table.\n\n'git request-pull' learned to warn when the ref we ask them to pull\nfrom in the local repository and in the published repository are\ndifferent.\n\n'git fetch' into a lazy clone forgot to fetch base objects that are\nnecessary to complete delta in a thin packfile, which has been\ncorrected.\n\nThe URL decoding code has been updated to avoid going past the end of\nthe string while parsing %-<hex>-<hex> sequence. </hex></hex>\n\n'git clean' silently skipped a path when it cannot lstat() it; now it\ngives a warning.\n\n'git rm' to resolve a conflicted path leaked an internal message\n'needs merge' before actually removing the path, which was confusing.\nThis has been corrected.\n\nMany more bugfixes and code cleanups.\n\nremoval of SuSEfirewall2 service, since SuSEfirewall2 has been\nreplaced by firewalld, see [1]. [1]:\nhttps://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html\n\ngit 2.22.0: The filter specification '--filter=sparse:path=<path>'\nused to create a lazy/partial clone has been removed. Using a blob\nthat is part of the project as sparse specification is still supported\nwith the '--filter=sparse:oid=<blob>' option </blob></path>\n\n'git checkout --no-overlay' can be used to trigger a new mode of\nchecking out paths out of the tree-ish, that allows paths that match\nthe pathspec that are in the current index and working tree and are\nnot in the tree-ish.\n\nFour new configuration variables {author,committer}.{name,email} have\nbeen introduced to override user.{name,email} in more specific cases.\n\n'git branch' learned a new subcommand '--show-current'.\n\nThe command line completion (in contrib/) has been taught to complete\nmore subcommand parameters.\n\nThe completion helper code now pays attention to repository-local\nconfiguration (when available), which allows --list-cmds to honour a\nrepository specific setting of completion.commands, for example.\n\nThe list of conflicted paths shown in the editor while concluding a\nconflicted merge was shown above the scissors line when the clean-up\nmode is set to 'scissors', even though it was commented out just like\nthe list of updated paths and other information to help the user\nexplain the merge better.\n\n'git rebase' that was reimplemented in C did not set ORIG_HEAD\ncorrectly, which has been corrected.\n\n'git worktree add' used to do a 'find an available name with stat and\nthen mkdir', which is race-prone. This has been fixed by using mkdir\nand reacting to EEXIST in a loop.\n\nupdate git-web AppArmor profile for bash and tar usrMerge\n(bsc#1132350)\n\ngit 2.21.0: Historically, the '-m' (mainline) option can only be used\nfor 'git cherry-pick' and 'git revert' when working with a merge\ncommit. This version of Git no longer warns or errors out when working\nwith a single-parent commit, as long as the argument to the '-m'\noption is 1 (i.e. it has only one parent, and the request is to pick\nor revert relative to that first parent). Scripts that relied on the\nbehaviour may get broken with this change.\n\nSmall fixes and features for fast-export and fast-import.\n\nThe 'http.version' configuration variable can be used with recent\nenough versions of cURL library to force the version of HTTP used to\ntalk when fetching and pushing.\n\n'git push $there $src:$dst' rejects when $dst is not a fully qualified\nrefname and it is not clear what the end user meant.\n\nUpdate 'git multimail' from the upstream.\n\nA new date format '--date=human' that morphs its output depending on\nhow far the time is from the current time has been introduced.\n'--date=auto:human' can be used to use this new format (or any\nexisting format) when the output is going to the pager or to the\nterminal, and otherwise the default format.\n\nFix worktree creation race (bsc#1114225).\n\ngit 2.20.1: portability fixes\n\n'git help -a' did not work well when an overly long alias was defined\n\nno longer squelched an error message when the run_command API failed\nto run a missing command\n\ngit 2.20.0: 'git help -a' now gives verbose output (same as 'git help\n-av'). Those who want the old output may say 'git help --no-verbose\n-a'..\n\n'git send-email' learned to grab address-looking string on any trailer\nwhose name ends with '-by'.\n\n'git format-patch' learned new '--interdiff' and '--range-diff'\noptions to explain the difference between this version and the\nprevious attempt in the cover letter (or after the three-dashes as a\ncomment).\n\nDeveloper builds now use -Wunused-function compilation option.\n\nFix a bug in which the same path could be registered under multiple\nworktree entries if the path was missing (for instance, was removed\nmanually). Also, as a convenience, expand the number of cases in which\n\n--force is applicable.\n\nThe overly large Documentation/config.txt file have been split into\nmillion little pieces. This potentially allows each individual piece\nto be included into the manual page of the command it affects more\neasily.\n\nMalformed or crafted data in packstream can make our code attempt to\nread or write past the allocated buffer and abort, instead of\nreporting an error, which has been fixed.\n\nFix for a long-standing bug that leaves the index file corrupt when it\nshrinks during a partial commit.\n\n'git merge' and 'git pull' that merges into an unborn branch used to\ncompletely ignore '--verify-signatures', which has been corrected.\n\n...and much more features and fixes\n\nfix CVE-2018-19486 (bsc#1117257)\n\ngit 2.19.2: various bug fixes for multiple subcommands and operations\n\ngit 2.19.1: CVE-2018-17456: Specially crafted .gitmodules files may\nhave allowed arbitrary code execution when the repository is cloned\nwith\n\n--recurse-submodules (bsc#1110949)\n\ngit 2.19.0: 'git diff' compares the index and the working tree. For\npaths added with intent-to-add bit, the command shows the full\ncontents of them as added, but the paths themselves were not marked as\nnew files. They are now shown as new by default.\n\n'git apply' learned the '--intent-to-add' option so that an otherwise\nworking-tree-only application of a patch will add new paths to the\nindex marked with the 'intent-to-add' bit.\n\n'git grep' learned the '--column' option that gives not just the line\nnumber but the column number of the hit.\n\nThe '-l' option in 'git branch -l' is an unfortunate short-hand for\n'--create-reflog', but many users, both old and new, somehow expect it\nto be something else, perhaps '--list'. This step warns when '-l' is\nused as a short-hand for '--create-reflog' and warns about the future\nrepurposing of the it when it is used.\n\nThe userdiff pattern for .php has been updated.\n\nThe content-transfer-encoding of the message 'git send-email' sends\nout by default was 8bit, which can cause trouble when there is an\noverlong line to bust RFC 5322/2822 limit. A new option 'auto' to\nautomatically switch to quoted-printable when there is such a line in\nthe payload has been introduced and is made the default.\n\n'git checkout' and 'git worktree add' learned to honor\ncheckout.defaultRemote when auto-vivifying a local branch out of a\nremote tracking branch in a repository with multiple remotes that have\ntracking branches that share the same names. (merge 8d7b558bae\nab/checkout-default-remote later to maint).\n\n'git grep' learned the '--only-matching' option.\n\n'git rebase --rebase-merges' mode now handles octopus merges as well.\n\nAdd a server-side knob to skip commits in exponential/fibbonacci\nstride in an attempt to cover wider swath of history with a smaller\nnumber of iterations, potentially accepting a larger packfile\ntransfer, instead of going back one commit a time during common\nancestor discovery during the 'git fetch' transaction. (merge\n42cc7485a2 jt/fetch-negotiator-skipping later to maint).\n\nA new configuration variable core.usereplacerefs has been added,\nprimarily to help server installations that want to ignore the replace\nmechanism altogether.\n\nTeach 'git tag -s' etc. a few configuration variables (gpg.format that\ncan be set to 'openpgp' or 'x509', and gpg.<format>.program that is\nused to specify what program to use to deal with the format) to allow\nx.509 certs with CMS via 'gpgsm' to be used instead of openpgp via\n'gnupg'. </format>\n\nMany more strings are prepared for l10n.\n\n'git p4 submit' learns to ask its own pre-submit hook if it should\ncontinue with submitting.\n\nThe test performed at the receiving end of 'git push' to prevent bad\nobjects from entering repository can be customized via receive.fsck.*\nconfiguration variables; we now have gained a counterpart to do the\nsame on the 'git fetch' side, with fetch.fsck.* configuration\nvariables.\n\n'git pull --rebase=interactive' learned 'i' as a short-hand for\n'interactive'.\n\n'git instaweb' has been adjusted to run better with newer Apache on\nRedHat based distros.\n\n'git range-diff' is a reimplementation of 'git tbdiff' that lets us\ncompare individual patches in two iterations of a topic.\n\nThe sideband code learned to optionally paint selected keywords at the\nbeginning of incoming lines on the receiving end.\n\n'git branch --list' learned to take the default sort order from the\n'branch.sort' configuration variable, just like 'git tag --list' pays\nattention to 'tag.sort'.\n\n'git worktree' command learned '--quiet' option to make it less\nverbose.\n\ngit 2.18.0: improvements to rename detection logic\n\nWhen built with more recent cURL, GIT_SSL_VERSION can now specify\n'tlsv1.3' as its value.\n\n'git mergetools' learned talking to guiffy.\n\nvarious other workflow improvements and fixes\n\nperformance improvements and other developer visible fixes\n\nUpdate to git 2.16.4: security fix release\n\ngit 2.17.1: Submodule 'names' come from the untrusted .gitmodules\nfile, but we blindly append them to $GIT_DIR/modules to create our\non-disk repo paths. This means you can do bad things by putting '../'\ninto the name. We now enforce some rules for submodule names which\nwill cause Git to ignore these malicious names (CVE-2018-11235,\nbsc#1095219)\n\nIt was possible to trick the code that sanity-checks paths on NTFS\ninto reading random piece of memory (CVE-2018-11233, bsc#1095218)\n\nSupport on the server side to reject pushes to repositories that\nattempt to create such problematic .gitmodules file etc. as tracked\ncontents, to help hosting sites protect their customers by preventing\nmalicious contents from spreading.\n\ngit 2.17.0: 'diff' family of commands learned\n'--find-object=<object-id>' option to limit the findings to changes\nthat involve the named object. </object-id>\n\n'git format-patch' learned to give 72-cols to diffstat, which is\nconsistent with other line length limits the subcommand uses for its\noutput meant for e-mails.\n\nThe log from 'git daemon' can be redirected with a new option; one\nrelevant use case is to send the log to standard error (instead of\nsyslog) when running it from inetd.\n\n'git rebase' learned to take '--allow-empty-message' option.\n\n'git am' has learned the '--quit' option, in addition to the existing\n'--abort' option; having the pair mirrors a few other commands like\n'rebase' and 'cherry-pick'.\n\n'git worktree add' learned to run the post-checkout hook, just like\n'git clone' runs it upon the initial checkout.\n\n'git tag' learned an explicit '--edit' option that allows the message\ngiven via '-m' and '-F' to be further edited.\n\n'git fetch --prune-tags' may be used as a handy short-hand for getting\nrid of stale tags that are locally held.\n\nThe new '--show-current-patch' option gives an end-user facing way to\nget the diff being applied when 'git rebase' (and 'git am') stops with\na conflict.\n\n'git add -p' used to offer '/' (look for a matching hunk) as a choice,\neven there was only one hunk, which has been corrected. Also the\nsingle-key help is now given only for keys that are enabled (e.g. help\nfor '/' won't be shown when there is only one hunk).\n\nSince Git 1.7.9, 'git merge' defaulted to --no-ff (i.e. even when the\nside branch being merged is a descendant of the current commit, create\na merge commit instead of fast-forwarding) when merging a tag object.\nThis was appropriate default for integrators who pull signed tags from\ntheir downstream contributors, but caused an unnecessary merges when\nused by downstream contributors who habitually 'catch up' their topic\nbranches with tagged releases from the upstream. Update 'git merge' to\ndefault to --no-ff only when merging a tag object that does *not* sit\nat its usual place in refs/tags/ hierarchy, and allow fast-forwarding\notherwise, to mitigate the problem.\n\n'git status' can spend a lot of cycles to compute the relation between\nthe current branch and its upstream, which can now be disabled with\n'--no-ahead-behind' option.\n\n'git diff' and friends learned funcname patterns for Go language\nsource files.\n\n'git send-email' learned '--reply-to=<address>' option. </address>\n\nFuncname pattern used for C# now recognizes 'async' keyword.\n\nIn a way similar to how 'git tag' learned to honor the pager setting\nonly in the list mode, 'git config' learned to ignore the pager\nsetting when it is used for setting values (i.e. when the purpose of\nthe operation is not to 'show').\n\nUse %license instead of %doc [bsc#1082318]\n\ngit 2.16.3: 'git status' after moving a path in the working tree\n(hence making it appear 'removed') and then adding with the -N option\n(hence making that appear 'added') detected it as a rename, but did\nnot report the old and new pathnames correctly.\n\n'git commit --fixup' did not allow '-m<message>' option to be used at\nthe same time; allow it to annotate resulting commit with more text.\n</message>\n\nWhen resetting the working tree files recursively, the working tree of\nsubmodules are now also reset to match.\n\nFix for a commented-out code to adjust it to a rather old API change\naround object ID.\n\nWhen there are too many changed paths, 'git diff' showed a warning\nmessage but in the middle of a line.\n\nThe http tracing code, often used to debug connection issues, learned\nto redact potentially sensitive information from its output so that it\ncan be more safely sharable.\n\nCrash fix for a corner case where an error codepath tried to unlock\nwhat it did not acquire lock on.\n\nThe split-index mode had a few corner case bugs fixed.\n\nAssorted fixes to 'git daemon'.\n\nCompletion of 'git merge -s<strategy>' (in contrib/) did not work well\nin non-C locale. </strategy>\n\nWorkaround for segfault with more recent versions of SVN.\n\nRecently introduced leaks in fsck have been plugged.\n\nTravis CI integration now builds the executable in 'script' phase to\nfollow the established practice, rather than during 'before_script'\nphase. This allows the CI categorize the failures better ('failed' is\nproject's fault, 'errored' is build environment's).\n\nDrop superfluous xinetd snippet, no longer used (bsc#1084460)\n\nBuild with asciidoctor for the recent distros (bsc#1075764)\n\nMove %{?systemd_requires} to daemon subpackage\n\nCreate subpackage for libsecret credential helper.\n\ngit 2.16.2: An old regression in 'git describe --all $annotated_tag^0'\nhas been fixed.\n\n'git svn dcommit' did not take into account the fact that a svn+ssh://\nURL with a username@ (typically used for pushing) refers to the same\nSVN repository without the username@ and failed when svn.pushmergeinfo\noption is set.\n\n'git merge -Xours/-Xtheirs' learned to use our/their version when\nresolving a conflicting updates to a symbolic link.\n\n'git clone $there $here' is allowed even when here directory exists as\nlong as it is an empty directory, but the command incorrectly removed\nit upon a failure of the operation.\n\n'git stash -- <pathspec>' incorrectly blew away untracked files in the\ndirectory that matched the pathspec, which has been corrected.\n</pathspec>\n\n'git add -p' was taught to ignore local changes to submodules as they\ndo not interfere with the partial addition of regular changes anyway.\n\ngit 2.16.1: 'git clone' segfaulted when cloning a project that happens\nto track two paths that differ only in case on a case insensitive\nfilesystem\n\ngit 2.16.0 (CVE-2017-15298, bsc#1063412): See\nhttps://raw.github.com/git/git/master/Documentation/RelNotes/2.16.0.tx\nt\n\ngit 2.15.1: fix 'auto' column output\n\nfixes to moved lines diffing\n\ndocumentation updates\n\nfix use of repositories immediately under the root directory\n\nimprove usage of libsecret\n\nfixes to various error conditions in git commands\n\nRewrite from sysv init to systemd unit file for git-daemon\n(bsc#1069803)\n\nReplace references to /var/adm/fillup-templates with new %_fillupdir\nmacro (bsc#1069468)\n\nsplit off p4 to a subpackage (bsc#1067502)\n\nBuild with the external libsha1detectcoll (bsc#1042644)\n\ngit 2.15.0: Use of an empty string as a pathspec element that is used\nfor 'everything matches' is still warned and Git asks users to use a\nmore explicit '.' for that instead. Removal scheduled for 2.16\n\nGit now avoids blindly falling back to '.git' when the setup sequence\nsaid we are _not_ in Git repository (another corner case removed)\n\n'branch --set-upstream' was retired, deprecated since 1.8\n\nmany other improvements and updates\n\ngit 2.14.3: git send-email understands more cc: formats\n\nfixes so gitk --bisect\n\ngit commit-tree fixed to handle -F file alike\n\nPrevent segfault in 'git cat-file --textconv'\n\nFix function header parsing for HTML\n\nVarious small fixes to user commands and and internal functions\n\ngit 2.14.2: fixes to color output\n\nhttp.{sslkey,sslCert} now interpret '~[username]/' prefix\n\nfixes to walking of reflogs via 'log -g' and friends\n\nvarious fixes to output correctness\n\n'git push --recurse-submodules $there HEAD:$target' is now propagated\ndown to the submodules\n\n'git clone --recurse-submodules --quiet' c$how propagates quiet option\ndown to submodules.\n\n'git svn --localtime' correctness fixes\n\n'git grep -L' and 'git grep --quiet -L' now report same exit code\n\nfixes to 'git apply' when converting line endings\n\nVarious Perl scripts did not use safe_pipe_capture() instead of\nbackticks, leaving them susceptible to end-user input. CVE-2017-14867\nbsc#1061041\n\n'git cvsserver' no longer is invoked by 'git daemon' by default\n\ngit 2.14.1 (bsc#1052481): Security fix for CVE-2017-1000117: A\nmalicious third-party can give a crafted 'ssh://...' URL to an\nunsuspecting victim, and an attempt to visit the URL can result in any\nprogram that exists on the victim's machine being executed. Such a URL\ncould be placed in the .gitmodules file of a malicious project, and an\nunsuspecting victim could be tricked into running 'git clone\n--recurse-submodules' to trigger the vulnerability.\n\nA 'ssh://...' URL can result in a 'ssh' command line with a hostname\nthat begins with a dash '-', which would cause the 'ssh' command to\ninstead (mis)treat it as an option. This is now prevented by\nforbidding such a hostname (which should not impact any real-world\nusage).\n\nSimilarly, when GIT_PROXY_COMMAND is configured, the command is run\nwith host and port that are parsed out from 'ssh://...' URL; a poorly\nwritten GIT_PROXY_COMMAND could be tricked into treating a string that\nbegins with a dash '-' as an option. This is now prevented by\nforbidding such a hostname and port number (again, which should not\nimpact any real-world usage).\n\nIn the same spirit, a repository name that begins with a dash '-' is\nalso forbidden now.\n\ngit 2.14.0: Use of an empty string as a pathspec element that is used\nfor 'everything matches' is deprecated, use '.'\n\nAvoid blindly falling back to '.git' when the setup sequence indicates\noperation not on a Git repository\n\n'indent heuristics' are now the default.\n\nBuilds with pcre2\n\nMany bug fixes, improvements and updates\n\ngit 2.13.4: Update the character width tables.\n\nFix an alias that contained an uppercase letter\n\nProgress meter fixes\n\ngit gc concurrency fixes\n\ngit 2.13.3: various internal bug fixes\n\nFix a regression to 'git rebase -i'\n\nCorrect unaligned 32-bit access in pack-bitmap code\n\nTighten error checks for invalid 'git apply' input\n\nThe split index code did not honor core.sharedrepository setting\ncorrectly\n\nFix 'git branch --list' handling of color.branch.local\n\ngit 2.13.2: 'collision detecting' SHA-1 update for platform fixes\n\n'git checkout --recurse-submodules' did not quite work with a\nsubmodule that itself has submodules.\n\nThe 'run-command' API implementation has been made more robust against\ndead-locking in a threaded environment.\n\n'git clean -d' now only cleans ignored files with '-x'\n\n'git status --ignored' did not list ignored and untracked files\nwithout '-uall'\n\n'git pull --rebase --autostash' didn't auto-stash when the local\nhistory fast-forwards to the upstream.\n\n'git describe --contains' gives as much weight to lightweight tags as\nannotated tags\n\nFix 'git stash push <pathspec>' from a subdirectory </pathspec>\n\ngit 2.13.1: Setting 'log.decorate=false' in the configuration file did\nnot take effect in v2.13, which has been corrected.\n\ncorrections to documentation and command help output\n\ngarbage collection fixes\n\nmemory leaks fixed\n\nreceive-pack now makes sure that the push certificate records the same\nset of push options used for pushing\n\nshell completion corrections for git stash\n\nfix 'git clone --config var=val' with empty strings\n\ninternal efficiency improvements\n\nUpdate sha1 collision detection code for big-endian platforms and\nplatforms not supporting unaligned fetches\n\nFix packaging of documentation\n\ngit 2.13.0: empty string as a pathspec element for 'everything\nmatches' is still warned, for future removal.\n\ndeprecated argument order 'git merge <msg> HEAD <commit>...' was\nremoved </commit></msg>\n\ndefault location '~/.git-credential-cache/socket' for the socket used\nto communicate with the credential-cache daemon moved to\n'~/.cache/git/credential/socket'.\n\nnow avoid blindly falling back to '.git' when the setup sequence\nindicated otherwise\n\nmany workflow features, improvements and bug fixes\n\nadd a hardened implementation of SHA1 in response to practical\ncollision attacks (CVE-2005-4900, bsc#1042640)\n\nCVE-2017-8386: On a server running git-shell as login shell to\nrestrict user to git commands, remote users may have been able to have\ngit service programs spawn an interactive pager and thus escape the\nshell restrictions. (bsc#1038395)\n\nChanges in pcre2: Include the libraries, development and tools\npackages.\n\ngit uses only libpcre2-8 so far, but this allows further application\nusage of pcre2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html\");\n # https://raw.github.com/git/git/master/Documentation/RelNotes/2.16.0.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9a796f1e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-5260/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200992-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d199ff91\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2020-992=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2020-992=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2020-992=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2020-992=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2020-992=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2020-992=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2020-992=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2020-992=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-992=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2020-992=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2020-992=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2020-992=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2020-992=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2020-992=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2020-992=1\n\nSUSE Enterprise Storage 5:zypper in -t patch SUSE-Storage-5-2020-992=1\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2020-992=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1353\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Malicious Git HTTP Server For CVE-2018-17456');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:git-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-16-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-32-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-8-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-posix2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcre2-posix2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"git-core-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"git-core-debuginfo-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"git-debugsource-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-16-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-16-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-32-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-32-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-8-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-8-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-posix2-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcre2-posix2-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"git-core-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"git-core-debuginfo-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"git-debugsource-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-16-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-16-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-32-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-32-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-8-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-8-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-posix2-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcre2-posix2-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"git-core-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"git-core-debuginfo-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"git-debugsource-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-16-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-16-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-32-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-32-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-8-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-8-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-posix2-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcre2-posix2-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"git-core-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"git-core-debuginfo-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"git-debugsource-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-16-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-16-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-32-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-32-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-8-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-8-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-posix2-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcre2-posix2-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"git-core-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"git-core-debuginfo-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"git-debugsource-2.26.0-27.27.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-16-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-16-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-32-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-32-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-8-0-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-8-0-debuginfo-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-posix2-10.34-1.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcre2-posix2-debuginfo-10.34-1.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T18:04:03", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2936 advisory.\n\n - A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service. (CVE-2018-10887)\n\n - A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service. (CVE-2018-10888)\n\n - In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol ng packet that lacks a '\\0' byte to trigger an out-of-bounds read that leads to DoS. (CVE-2018-15501)\n\n - Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file. (CVE-2018-8098)\n\n - Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file. (CVE-2018-8099)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. (CVE-2019-1352)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as WSL) while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.\n (CVE-2019-1353)\n\n - An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352. (CVE-2020-12278)\n\n - An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353. (CVE-2020-12279)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "Debian DLA-2936-1 : libgit2 - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10887", "CVE-2018-10888", "CVE-2018-15501", "CVE-2018-8098", "CVE-2018-8099", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2020-12278", "CVE-2020-12279"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libgit2-24", "p-cpe:/a:debian:debian_linux:libgit2-dev", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2936.NASL", "href": "https://www.tenable.com/plugins/nessus/159090", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2936. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159090);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2018-8098\",\n \"CVE-2018-8099\",\n \"CVE-2018-10887\",\n \"CVE-2018-10888\",\n \"CVE-2018-15501\",\n \"CVE-2019-1352\",\n \"CVE-2019-1353\",\n \"CVE-2020-12278\",\n \"CVE-2020-12279\"\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0454-S\");\n\n script_name(english:\"Debian DLA-2936-1 : libgit2 - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2936 advisory.\n\n - A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign\n extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads\n to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak\n memory addresses or cause a Denial of Service. (CVE-2018-10887)\n\n - A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c\n file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to\n cause a Denial of Service. (CVE-2018-10888)\n\n - In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker\n can send a crafted smart-protocol ng packet that lacks a '\\0' byte to trigger an out-of-bounds read that\n leads to DoS. (CVE-2018-15501)\n\n - Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in\n libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted\n repository index file. (CVE-2018-8098)\n\n - Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in\n libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository\n index file. (CVE-2018-8099)\n\n - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka\n 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349,\n CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. (CVE-2019-1352)\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as WSL)\n while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.\n (CVE-2019-1353)\n\n - An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent\n filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when\n cloning a repository. This issue is similar to CVE-2019-1352. (CVE-2020-12278)\n\n - An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent\n filenames that exist because of NTFS short names. This may allow remote code execution when cloning a\n repository. This issue is similar to CVE-2019-1353. (CVE-2020-12279)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/libgit2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-10887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-10888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-15501\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-8098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-8099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2019-1352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2019-1353\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-12278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-12279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/libgit2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the libgit2 packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 0.25.1+really0.24.6-1+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1352\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-12279\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgit2-24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgit2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'libgit2-24', 'reference': '0.25.1+really0.24.6-1+deb9u1'},\n {'release': '9.0', 'prefix': 'libgit2-dev', 'reference': '0.25.1+really0.24.6-1+deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libgit2-24 / libgit2-dev');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-15T13:58:00", "description": "According to the versions of the libgit2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.(CVE-2020-12278)\n\n - An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.(CVE-2020-12279)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-08-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : libgit2 (EulerOS-SA-2020-1861)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1352", "CVE-2019-1353", "CVE-2020-12278", "CVE-2020-12279"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libgit2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1861.NASL", "href": "https://www.tenable.com/plugins/nessus/139964", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139964);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-12278\",\n \"CVE-2020-12279\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : libgit2 (EulerOS-SA-2020-1861)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libgit2 package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - An issue was discovered in libgit2 before 0.28.4 and\n 0.9x before 0.99.0. path.c mishandles equivalent\n filenames that exist because of NTFS Alternate Data\n Streams. This may allow remote code execution when\n cloning a repository. This issue is similar to\n CVE-2019-1352.(CVE-2020-12278)\n\n - An issue was discovered in libgit2 before 0.28.4 and\n 0.9x before 0.99.0. checkout.c mishandles equivalent\n filenames that exist because of NTFS short names. This\n may allow remote code execution when cloning a\n repository. This issue is similar to\n CVE-2019-1353.(CVE-2020-12279)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1861\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a81cd8d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libgit2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libgit2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libgit2-0.27.5-1.h1.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgit2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:17:03", "description": "An update of the git package has been released.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-16T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Git PHSA-2019-1.0-0263", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19604"], "modified": "2020-01-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:git", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0263_GIT.NASL", "href": "https://www.tenable.com/plugins/nessus/132964", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0263. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132964);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/18\");\n\n script_cve_id(\"CVE-2019-19604\");\n\n script_name(english:\"Photon OS 1.0: Git PHSA-2019-1.0-0263\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the git package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-263.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_exists(rpm:\"git-2.23\", release:\"PhotonOS-1.0\") && rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"git-2.23.1-1.ph1\")) flag++;\nif (rpm_exists(rpm:\"git-2.23\", release:\"PhotonOS-1.0\") && rpm_check(release:\"PhotonOS-1.0\", cpu:\"src\", reference:\"git-2.23.1-1.ph1.src\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"git-debuginfo-2.23.1-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"git-lang-2.23.1-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:17:18", "description": "An update of the git package has been released.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-18T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Git PHSA-2020-3.0-0047", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19604"], "modified": "2020-01-20T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:git", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0047_GIT.NASL", "href": "https://www.tenable.com/plugins/nessus/133063", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0047. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133063);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/20\");\n\n script_cve_id(\"CVE-2019-19604\");\n\n script_name(english:\"Photon OS 3.0: Git PHSA-2020-3.0-0047\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the git package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-47.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_exists(rpm:\"git-2.23\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"git-2.23.1-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"git-2.23\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"git-2.23.1-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"git-2.23\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"src\", reference:\"git-2.23.1-1.ph3.src\")) flag++;\nif (rpm_exists(rpm:\"git-debuginfo-2.23\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"git-debuginfo-2.23.1-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"git-debuginfo-2.23\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"git-debuginfo-2.23.1-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"git-lang-2.23\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"git-lang-2.23.1-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"git-lang-2.23\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"git-lang-2.23.1-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:17:03", "description": "An update of the git package has been released.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-16T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Git PHSA-2019-2.0-0196", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19604"], "modified": "2020-01-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:git", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0196_GIT.NASL", "href": "https://www.tenable.com/plugins/nessus/132971", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0196. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132971);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/18\");\n\n script_cve_id(\"CVE-2019-19604\");\n\n script_name(english:\"Photon OS 2.0: Git PHSA-2019-2.0-0196\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the git package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-196.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_exists(rpm:\"git-2.23\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"git-2.23.1-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"git-2.23\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", cpu:\"src\", reference:\"git-2.23.1-1.ph2.src\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"git-debuginfo-2.23.1-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"git-lang-2.23.1-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:04:37", "description": "Security Fix(es) :\n\n - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-17T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : git on SL7.x x86_64 (20200116)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:emacs-git", "p-cpe:/a:fermilab:scientific_linux:emacs-git-el", "p-cpe:/a:fermilab:scientific_linux:git", "p-cpe:/a:fermilab:scientific_linux:git-all", "p-cpe:/a:fermilab:scientific_linux:git-bzr", "p-cpe:/a:fermilab:scientific_linux:git-cvs", "p-cpe:/a:fermilab:scientific_linux:git-daemon", "p-cpe:/a:fermilab:scientific_linux:git-debuginfo", "p-cpe:/a:fermilab:scientific_linux:git-email", "p-cpe:/a:fermilab:scientific_linux:git-gnome-keyring", "p-cpe:/a:fermilab:scientific_linux:git-gui", "p-cpe:/a:fermilab:scientific_linux:git-hg", "p-cpe:/a:fermilab:scientific_linux:git-instaweb", "p-cpe:/a:fermilab:scientific_linux:git-p4", "p-cpe:/a:fermilab:scientific_linux:git-svn", "p-cpe:/a:fermilab:scientific_linux:gitk", "p-cpe:/a:fermilab:scientific_linux:gitweb", "p-cpe:/a:fermilab:scientific_linux:perl-Git", "p-cpe:/a:fermilab:scientific_linux:perl-Git-SVN", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200116_GIT_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/133029", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133029);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-1387\");\n\n script_name(english:\"Scientific Linux Security Update : git on SL7.x x86_64 (20200116)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - git: Remote code execution in recursive clones with\n nested submodules (CVE-2019-1387)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2001&L=SCIENTIFIC-LINUX-ERRATA&P=3439\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?408c2417\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:emacs-git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:emacs-git-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-bzr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-hg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perl-Git-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"emacs-git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"emacs-git-el-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-all-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-bzr-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-cvs-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"git-daemon-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"git-debuginfo-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-email-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"git-gnome-keyring-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-gui-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-hg-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-instaweb-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"git-p4-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"git-svn-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gitk-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"gitweb-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"perl-Git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"perl-Git-SVN-1.8.3.1-21.el7_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"emacs-git / emacs-git-el / git / git-all / git-bzr / git-cvs / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:05:27", "description": "From Red Hat Security Advisory 2020:0124 :\n\nAn update for git is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-17T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : git (ELSA-2020-0124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:emacs-git", "p-cpe:/a:oracle:linux:emacs-git-el", "p-cpe:/a:oracle:linux:git", "p-cpe:/a:oracle:linux:git-all", "p-cpe:/a:oracle:linux:git-bzr", "p-cpe:/a:oracle:linux:git-cvs", "p-cpe:/a:oracle:linux:git-daemon", "p-cpe:/a:oracle:linux:git-email", "p-cpe:/a:oracle:linux:git-gnome-keyring", "p-cpe:/a:oracle:linux:git-gui", "p-cpe:/a:oracle:linux:git-hg", "p-cpe:/a:oracle:linux:git-instaweb", "p-cpe:/a:oracle:linux:git-p4", "p-cpe:/a:oracle:linux:git-svn", "p-cpe:/a:oracle:linux:gitk", "p-cpe:/a:oracle:linux:gitweb", "p-cpe:/a:oracle:linux:perl-Git", "p-cpe:/a:oracle:linux:perl-Git-SVN", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2020-0124.NASL", "href": "https://www.tenable.com/plugins/nessus/133021", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0124 and \n# Oracle Linux Security Advisory ELSA-2020-0124 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133021);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2019-1387\");\n script_xref(name:\"RHSA\", value:\"2020:0124\");\n\n script_name(english:\"Oracle Linux 7 : git (ELSA-2020-0124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2020:0124 :\n\nAn update for git is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized\narchitecture. As opposed to centralized version control systems with a\nclient-server model, Git ensures that each working copy of a Git\nrepository is an exact copy with complete revision history. This not\nonly allows the user to work on and contribute to projects without the\nneed to have permission to push the changes to their official\nrepositories, but also makes it possible for the user to work with no\nnetwork connection.\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested\nsubmodules (CVE-2019-1387)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-January/009522.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:emacs-git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:emacs-git-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-bzr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-hg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Git-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"emacs-git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"emacs-git-el-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-all-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-bzr-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-cvs-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-daemon-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-email-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-gnome-keyring-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-gui-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-hg-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-instaweb-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-p4-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"git-svn-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gitk-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gitweb-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perl-Git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perl-Git-SVN-1.8.3.1-21.el7_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"emacs-git / emacs-git-el / git / git-all / git-bzr / git-cvs / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:03:27", "description": "An update for git is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-21T00:00:00", "type": "nessus", "title": "CentOS 7 : git (CESA-2020:0124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2020-01-23T00:00:00", "cpe": ["p-cpe:/a:centos:centos:emacs-git", "p-cpe:/a:centos:centos:emacs-git-el", "p-cpe:/a:centos:centos:git", "p-cpe:/a:centos:centos:git-all", "p-cpe:/a:centos:centos:git-bzr", "p-cpe:/a:centos:centos:git-cvs", "p-cpe:/a:centos:centos:git-daemon", "p-cpe:/a:centos:centos:git-email", "p-cpe:/a:centos:centos:git-gnome-keyring", "p-cpe:/a:centos:centos:git-gui", "p-cpe:/a:centos:centos:git-hg", "p-cpe:/a:centos:centos:git-instaweb", "p-cpe:/a:centos:centos:git-p4", "p-cpe:/a:centos:centos:git-svn", "p-cpe:/a:centos:centos:gitk", "p-cpe:/a:centos:centos:gitweb", "p-cpe:/a:centos:centos:perl-Git", "p-cpe:/a:centos:centos:perl-Git-SVN", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-0124.NASL", "href": "https://www.tenable.com/plugins/nessus/133100", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:0124 and \n# CentOS Errata and Security Advisory 2020:0124 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133100);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/23\");\n\n script_cve_id(\"CVE-2019-1387\");\n script_xref(name:\"RHSA\", value:\"2020:0124\");\n\n script_name(english:\"CentOS 7 : git (CESA-2020:0124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for git is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGit is a distributed revision control system with a decentralized\narchitecture. As opposed to centralized version control systems with a\nclient-server model, Git ensures that each working copy of a Git\nrepository is an exact copy with complete revision history. This not\nonly allows the user to work on and contribute to projects without the\nneed to have permission to push the changes to their official\nrepositories, but also makes it possible for the user to work with no\nnetwork connection.\n\nSecurity Fix(es) :\n\n* git: Remote code execution in recursive clones with nested\nsubmodules (CVE-2019-1387)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2020-January/035606.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dd7b17a1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1387\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:emacs-git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:emacs-git-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-bzr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-hg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Git-SVN\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"emacs-git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"emacs-git-el-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-all-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-bzr-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-cvs-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-daemon-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-email-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-gnome-keyring-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-gui-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-hg-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-instaweb-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-p4-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"git-svn-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"gitk-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"gitweb-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"perl-Git-1.8.3.1-21.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"perl-Git-SVN-1.8.3.1-21.el7_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"emacs-git / emacs-git-el / git / git-all / git-bzr / git-cvs / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:03:24", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0124 advisory.\n\n - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-01-17T00:00:00", "type": "nessus", "title": "RHEL 7 : git (RHSA-2020:0124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:rhel_aus:7.7", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_e4s:7.7", "cpe:/o:redhat:rhel_eus:7.7", "cpe:/o:redhat:rhel_tus:7.7", "p-cpe:/a:redhat:enterprise_linux:emacs-git", "p-cpe:/a:redhat:enterprise_linux:emacs-git-el", "p-cpe:/a:redhat:enterprise_linux:git", "p-cpe:/a:redhat:enterprise_linux:git-all", "p-cpe:/a:redhat:enterprise_linux:git-bzr", "p-cpe:/a:redhat:enterprise_linux:git-cvs", "p-cpe:/a:redhat:enterprise_linux:git-daemon", "p-cpe:/a:redhat:enterprise_linux:git-email", "p-cpe:/a:redhat:enterprise_linux:git-gnome-keyring", "p-cpe:/a:redhat:enterprise_linux:git-gui", "p-cpe:/a:redhat:enterprise_linux:git-hg", "p-cpe:/a:redhat:enterprise_linux:git-instaweb", "p-cpe:/a:redhat:enterprise_linux:git-p4", "p-cpe:/a:redhat:enterprise_linux:git-svn", "p-cpe:/a:redhat:enterprise_linux:gitk", "p-cpe:/a:redhat:enterprise_linux:gitweb", "p-cpe:/a:redhat:enterprise_linux:perl-Git", "p-cpe:/a:redhat:enterprise_linux:perl-Git-SVN"], "id": "REDHAT-RHSA-2020-0124.NASL", "href": "https://www.tenable.com/plugins/nessus/133025", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0124. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133025);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2019-1387\");\n script_xref(name:\"RHSA\", value:\"2020:0124\");\n\n script_name(english:\"RHEL 7 : git (RHSA-2020:0124)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:0124 advisory.\n\n - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0124\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1781127\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1387\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:emacs-git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:emacs-git-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-bzr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-email\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-gnome-keyring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-hg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-instaweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-p4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:git-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gitk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gitweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Git-SVN\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_computenode': [\n 'rhel-7-for-hpc-node-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-fastrack-rpms',\n 'rhel-7-for-hpc-node-fastrack-source-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-source-rpms',\n 'rhel-7-hpc-node-debug-rpms',\n 'rhel-7-hpc-node-optional-debug-rpms',\n 'rhel-7-hpc-node-optional-rpms',\n 'rhel-7-hpc-node-optional-source-rpms',\n 'rhel-7-hpc-node-rpms',\n 'rhel-7-hpc-node-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-for-system-z-a-debug-rpms',\n 'rhel-7-for-system-z-a-optional-debug-rpms',\n 'rhel-7-for-system-z-a-optional-rpms',\n 'rhel-7-for-system-z-a-optional-source-rpms',\n 'rhel-7-for-system-z-a-rpms',\n 'rhel-7-for-system-z-a-source-rpms',\n 'rhel-7-for-system-z-debug-rpms',\n 'rhel-7-for-system-z-fastrack-debug-rpms',\n 'rhel-7-for-system-z-fastrack-rpms',\n 'rhel-7-for-system-z-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-rpms',\n 'rhel-7-for-system-z-optional-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-rpms',\n 'rhel-7-for-system-z-optional-source-rpms',\n 'rhel-7-for-system-z-rpms',\n 'rhel-7-for-system-z-source-rpms',\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ],\n 'rhel_aus_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_e4s_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_e4s_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms'\n ],\n 'rhel_eus_7_7_computenode': [\n 'rhel-7-hpc-node-eus-debug-rpms',\n 'rhel-7-hpc-node-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-debug-rpms',\n 'rhel-7-hpc-node-eus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-rpms',\n 'rhel-7-hpc-node-eus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-source-rpms',\n 'rhel-7-hpc-node-eus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-rpms',\n 'rhel-7-hpc-node-eus-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-source-rpms',\n 'rhel-7-hpc-node-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_eus_7_7_server': [\n 'rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-7-for-system-z-eus-debug-rpms__7_DOT_7__s390x',\n 'rhel-7-for-system-z-eus-optional-debug-rpms',\n 'rhel-7-for-system-z-eus-optional-debug-rpms__7_DOT_7__s390x',\n 'rhel-7-for-system-z-eus-optional-rpms',\n 'rhel-7-for-system-z-eus-optional-rpms__7_DOT_7__s390x',\n 'rhel-7-for-system-z-eus-optional-source-rpms',\n 'rhel-7-for-system-z-eus-optional-source-rpms__7_DOT_7__s390x',\n 'rhel-7-for-system-z-eus-rpms',\n 'rhel-7-for-system-z-eus-rpms__7_DOT_7__s390x',\n 'rhel-7-for-system-z-eus-source-rpms',\n 'rhel-7-for-system-z-eus-source-rpms__7_DOT_7__s390x',\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-eus-debug-rpms',\n 'rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-debug-rpms',\n 'rhel-7-server-eus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-rpms',\n 'rhel-7-server-eus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-source-rpms',\n 'rhel-7-server-eus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-rpms',\n 'rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-source-rpms',\n 'rhel-7-server-eus-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-rpms',\n 'rhel-ha-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-rpms',\n 'rhel-rs-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_7': [\n 'rhel-7-desktop-supplementary-rpms',\n 'rhel-7-desktop-supplementary-source-rpms',\n 'rhel-7-for-hpc-node-supplementary-rpms',\n 'rhel-7-for-hpc-node-supplementary-source-rpms',\n 'rhel-7-for-system-z-eus-supplementary-rpms',\n 'rhel-7-for-system-z-eus-supplementary-source-rpms',\n 'rhel-7-for-system-z-supplementary-debug-rpms',\n 'rhel-7-for-system-z-supplementary-rpms',\n 'rhel-7-for-system-z-supplementary-source-rpms',\n 'rhel-7-hpc-node-eus-supplementary-rpms',\n 'rhel-7-server-eus-supplementary-rpms',\n 'rhel-7-server-supplementary-rpms',\n 'rhel-7-server-supplementary-source-rpms',\n 'rhel-7-workstation-supplementary-rpms',\n 'rhel-7-workstation-supplementary-source-rpms'\n ],\n 'rhel_extras_oracle_java_7': [\n 'rhel-7-desktop-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-for-hpc-node-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-hpc-node-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-source-rpms',\n 'rhel-7-server-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-workstation-restricted-maintenance-oracle-java-rpms'\n ],\n 'rhel_extras_rt_7': [\n 'rhel-7-server-nfv-debug-rpms',\n 'rhel-7-server-nfv-rpms',\n 'rhel-7-server-nfv-source-rpms',\n 'rhel-7-server-rt-debug-rpms',\n 'rhel-7-server-rt-rpms',\n 'rhel-7-server-rt-source-rpms'\n ],\n 'rhel_extras_sap_7': [\n 'rhel-sap-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-source-rpms',\n 'rhel-sap-for-rhel-7-server-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-rpms',\n 'rhel-sap-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_e4s_7_7': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_eus_7_7': [\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms__7_DOT_7__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms__7_DOT_7__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms__7_DOT_7__s390x',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_hana_7': [\n 'rhel-sap-hana-for-rhel-7-server-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-rpms',\n 'rhel-sap-hana-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_hana_e4s_7_7': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_hana_eus_7_7': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_tus_7_7_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms__7_DOT_7__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'emacs-git-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'emacs-git-el-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-1.8.3.1-21.el7_7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-1.8.3.1-21.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-all-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-bzr-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-cvs-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-daemon-1.8.3.1-21.el7_7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-daemon-1.8.3.1-21.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-email-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-gnome-keyring-1.8.3.1-21.el7_7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-gnome-keyring-1.8.3.1-21.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-gui-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-hg-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-instaweb-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-p4-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-svn-1.8.3.1-21.el7_7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'git-svn-1.8.3.1-21.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'gitk-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'gitweb-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'perl-Git-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'perl-Git-SVN-1.8.3.1-21.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'emacs-git / emacs-git-el / git / git-all / git-bzr / git-cvs / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T12:49:16", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by a vulnerability:\n\n - A flaw was discovered where git improperly validates submodules' names used to construct git metadata paths and does not prevent them from being nested in existing directories used to store another submodule's metadata.\n A remote attacker could abuse this flaw to trick a victim user into cloning a malicious repository containing submodules, which, when recursively cloned, would trigger the flaw and remotely execute code on the victim's machine. (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2020-0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0014_GIT.NASL", "href": "https://www.tenable.com/plugins/nessus/135761", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0014. The text\n# itself is copyright (C) ZTE, Inc.\n\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135761);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2019-1387\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2020-0014)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by a\nvulnerability:\n\n - A flaw was discovered where git improperly validates\n submodules' names used to construct git metadata paths\n and does not prevent them from being nested in existing\n directories used to store another submodule's metadata.\n A remote attacker could abuse this flaw to trick a\n victim user into cloning a malicious repository\n containing submodules, which, when recursively cloned,\n would trigger the flaw and remotely execute code on the\n victim's machine. (CVE-2019-1387)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0014\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL git packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1387\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"emacs-git-1.8.3.1-21.el7_7\",\n \"emacs-git-el-1.8.3.1-21.el7_7\",\n \"git-1.8.3.1-21.el7_7\",\n \"git-all-1.8.3.1-21.el7_7\",\n \"git-bzr-1.8.3.1-21.el7_7\",\n \"git-cvs-1.8.3.1-21.el7_7\",\n \"git-daemon-1.8.3.1-21.el7_7\",\n \"git-debuginfo-1.8.3.1-21.el7_7\",\n \"git-email-1.8.3.1-21.el7_7\",\n \"git-gnome-keyring-1.8.3.1-21.el7_7\",\n \"git-gui-1.8.3.1-21.el7_7\",\n \"git-hg-1.8.3.1-21.el7_7\",\n \"git-instaweb-1.8.3.1-21.el7_7\",\n \"git-p4-1.8.3.1-21.el7_7\",\n \"git-svn-1.8.3.1-21.el7_7\",\n \"gitk-1.8.3.1-21.el7_7\",\n \"gitweb-1.8.3.1-21.el7_7\",\n \"perl-Git-1.8.3.1-21.el7_7\",\n \"perl-Git-SVN-1.8.3.1-21.el7_7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"emacs-git-1.8.3.1-21.el7_7\",\n \"emacs-git-el-1.8.3.1-21.el7_7\",\n \"git-1.8.3.1-21.el7_7\",\n \"git-all-1.8.3.1-21.el7_7\",\n \"git-bzr-1.8.3.1-21.el7_7\",\n \"git-cvs-1.8.3.1-21.el7_7\",\n \"git-daemon-1.8.3.1-21.el7_7\",\n \"git-debuginfo-1.8.3.1-21.el7_7\",\n \"git-email-1.8.3.1-21.el7_7\",\n \"git-gnome-keyring-1.8.3.1-21.el7_7\",\n \"git-gui-1.8.3.1-21.el7_7\",\n \"git-hg-1.8.3.1-21.el7_7\",\n \"git-instaweb-1.8.3.1-21.el7_7\",\n \"git-p4-1.8.3.1-21.el7_7\",\n \"git-svn-1.8.3.1-21.el7_7\",\n \"gitk-1.8.3.1-21.el7_7\",\n \"gitweb-1.8.3.1-21.el7_7\",\n \"perl-Git-1.8.3.1-21.el7_7\",\n \"perl-Git-SVN-1.8.3.1-21.el7_7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T12:46:54", "description": "According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-15T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : git (EulerOS-SA-2020-1386)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:git", "p-cpe:/a:huawei:euleros:perl-Git", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1386.NASL", "href": "https://www.tenable.com/plugins/nessus/135515", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135515);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-1387\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : git (EulerOS-SA-2020-1386)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the git packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - An issue was found in Git before v2.24.1, v2.23.1,\n v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. Recursive clones are\n currently affected by a vulnerability that is caused by\n too-lax validation of submodule names, allowing very\n targeted attacks via remote code execution in recursive\n clones.(CVE-2019-1387)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1386\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?77b1d39c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected git package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"git-1.8.3.1-20.h3\",\n \"perl-Git-1.8.3.1-20.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-20T14:56:14", "description": "According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone or pull from repositories from untrusted sources. CVE-2019-1354 was an equivalent vulnerability in Git for Visual Studio. (CVE-2021-29468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2022-04-21T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : git (EulerOS-SA-2022-1520)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1354", "CVE-2021-29468"], "modified": "2022-04-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:git", "p-cpe:/a:huawei:euleros:git-help", "p-cpe:/a:huawei:euleros:perl-Git", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1520.NASL", "href": "https://www.tenable.com/plugins/nessus/160043", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160043);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/21\");\n\n script_cve_id(\"CVE-2021-29468\");\n\n script_name(english:\"EulerOS 2.0 SP10 : git (EulerOS-SA-2022-1520)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted\n repository that contains symbolic links as well as files with backslash characters in the file name may\n cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The\n problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is\n present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream\n sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone\n or pull from repositories from untrusted sources. CVE-2019-1354 was an equivalent vulnerability in Git for\n Visual Studio. (CVE-2021-29468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1520\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?361903e3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"git-2.27.0-2.h6.eulerosv2r10\",\n \"git-help-2.27.0-2.h6.eulerosv2r10\",\n \"perl-Git-2.27.0-2.h6.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-20T14:54:52", "description": "According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone or pull from repositories from untrusted sources. CVE-2019-1354 was an equivalent vulnerability in Git for Visual Studio. (CVE-2021-29468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2022-04-20T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : git (EulerOS-SA-2022-1519)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1354", "CVE-2021-29468"], "modified": "2022-04-20T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:git", "p-cpe:/a:huawei:euleros:git-help", "p-cpe:/a:huawei:euleros:perl-Git", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1519.NASL", "href": "https://www.tenable.com/plugins/nessus/160010", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160010);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/20\");\n\n script_cve_id(\"CVE-2021-29468\");\n\n script_name(english:\"EulerOS 2.0 SP10 : git (EulerOS-SA-2022-1519)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted\n repository that contains symbolic links as well as files with backslash characters in the file name may\n cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The\n problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is\n present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream\n sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone\n or pull from repositories from untrusted sources. CVE-2019-1354 was an equivalent vulnerability in Git for\n Visual Studio. (CVE-2021-29468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1519\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e5dbe090\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected git packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:git-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perl-Git\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"git-2.27.0-2.h6.eulerosv2r10\",\n \"git-help-2.27.0-2.h6.eulerosv2r10\",\n \"perl-Git-2.27.0-2.h6.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"git\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:05:51", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has git packages installed that are affected by multiple vulnerabilities:\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones. (CVE-2019-1387)\n\n - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external credential helper programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.\n (CVE-2020-5260)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : git Multiple Vulnerabilities (NS-SA-2020-0113)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1387", "CVE-2020-5260"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0113_GIT.NASL", "href": "https://www.tenable.com/plugins/nessus/143890", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0113. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143890);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\"CVE-2019-1387\", \"CVE-2020-5260\");\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : git Multiple Vulnerabilities (NS-SA-2020-0113)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has git packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3,\n v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused\n by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in\n recursive clones. (CVE-2019-1387)\n\n - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials\n to a host controlled by an attacker. Git uses external credential helper programs to store and retrieve\n passwords or other credentials from secure storage provided by the operating system. Specially-crafted\n URLs that contain an encoded newline can inject unintended values into the credential helper protocol\n stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for\n an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the\n former being sent to the latter. There are no restrictions on the relationship between the two, meaning\n that an attacker can craft a URL that will present stored credentials for any host to a host of their\n choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the\n affected URLs look rather suspicious; the likely vector would be through systems which automatically clone\n URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has\n been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to\n backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks\n for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched\n versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.\n (CVE-2020-5260)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0113\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL git packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1387\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'emacs-git-1.8.3.1-22.el7_8',\n 'emacs-git-el-1.8.3.1-22.el7_8',\n 'git-1.8.3.1-22.el7_8',\n 'git-all-1.8.3.1-22.el7_8',\n 'git-bzr-1.8.3.1-22.el7_8',\n 'git-cvs-1.8.3.1-22.el7_8',\n 'git-daemon-1.8.3.1-22.el7_8',\n 'git-debuginfo-1.8.3.1-22.el7_8',\n 'git-email-1.8.3.1-22.el7_8',\n 'git-gnome-keyring-1.8.3.1-22.el7_8',\n 'git-gui-1.8.3.1-22.el7_8',\n 'git-hg-1.8.3.1-22.el7_8',\n 'git-instaweb-1.8.3.1-22.el7_8',\n 'git-p4-1.8.3.1-22.el7_8',\n 'git-svn-1.8.3.1-22.el7_8',\n 'gitk-1.8.3.1-22.el7_8',\n 'gitweb-1.8.3.1-22.el7_8',\n 'perl-Git-1.8.3.1-22.el7_8',\n 'perl-Git-SVN-1.8.3.1-22.el7_8'\n ],\n 'CGSL MAIN 5.05': [\n 'emacs-git-1.8.3.1-22.el7_8',\n 'emacs-git-el-1.8.3.1-22.el7_8',\n 'git-1.8.3.1-22.el7_8',\n 'git-all-1.8.3.1-22.el7_8',\n 'git-bzr-1.8.3.1-22.el7_8',\n 'git-cvs-1.8.3.1-22.el7_8',\n 'git-daemon-1.8.3.1-22.el7_8',\n 'git-debuginfo-1.8.3.1-22.el7_8',\n 'git-email-1.8.3.1-22.el7_8',\n 'git-gnome-keyring-1.8.3.1-22.el7_8',\n 'git-gui-1.8.3.1-22.el7_8',\n 'git-hg-1.8.3.1-22.el7_8',\n 'git-instaweb-1.8.3.1-22.el7_8',\n 'git-p4-1.8.3.1-22.el7_8',\n 'git-svn-1.8.3.1-22.el7_8',\n 'gitk-1.8.3.1-22.el7_8',\n 'gitweb-1.8.3.1-22.el7_8',\n 'perl-Git-1.8.3.1-22.el7_8',\n 'perl-Git-SVN-1.8.3.1-22.el7_8'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'git');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-19T17:14:54", "description": "Gitlab reports :\n\nPath traversal with potential remote code execution\n\nDisclosure of private code via Elasticsearch integration\n\nUpdate Git dependency", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "FreeBSD : Gitlab -- Multiple Vulnerabilities (21944144-1b90-11ea-a2d4-001b217b3468)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19604", "CVE-2019-19628", "CVE-2019-19629"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gitlab-ce", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_219441441B9011EAA2D4001B217B3468.NASL", "href": "https://www.tenable.com/plugins/nessus/131970", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131970);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-19604\", \"CVE-2019-19628\", \"CVE-2019-19629\");\n\n script_name(english:\"FreeBSD : Gitlab -- Multiple Vulnerabilities (21944144-1b90-11ea-a2d4-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPath traversal with potential remote code execution\n\nDisclosure of private code via Elasticsearch integration\n\nUpdate Git dependency\"\n );\n # https://about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbe21853\"\n );\n # https://vuxml.freebsd.org/freebsd/21944144-1b90-11ea-a2d4-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6889ae03\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19604\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=12.5.0<12.5.4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=12.4.0<12.4.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=10.5.0<12.3.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T11:32:19", "description": "Joern Schneeweisz and Nicolas Joly discovered that Git contained various \nsecurity flaws. An attacker could possibly use these issues to overwrite \narbitrary paths, execute arbitrary code, and overwrite files in the .git \ndirectory.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "ubuntu", "title": "Git vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1348", "CVE-2019-1353", "CVE-2019-1387", "CVE-2019-19604", "CVE-2019-1354", "CVE-2019-1351", "CVE-2019-1352"], "modified": "2019-12-10T00:00:00", "id": "USN-4220-1", "href": "https://ubuntu.com/security/notices/USN-4220-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2021-08-11T17:40:57", "description": "# \n\n## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 18.04\n\n## Description\n\nJoern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.\n\nCVEs contained in this USN include: CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387, CVE-2019-19604\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.151.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.151.0 or later.\n\n## References\n\n * [USN-4220-1](<https://usn.ubuntu.com/4220-1>)\n * [CVE-2019-1348](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1348>)\n * [CVE-2019-1349](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1349>)\n * [CVE-2019-1350](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1350>)\n * [CVE-2019-1351](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1351>)\n * [CVE-2019-1352](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1352>)\n * [CVE-2019-1353](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1353>)\n * [CVE-2019-1354](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1354>)\n * [CVE-2019-1387](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1387>)\n * [CVE-2019-19604](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19604>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-18T00:00:00", "type": "cloudfoundry", "title": "USN-4220-1: Git vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2019-12-18T00:00:00", "id": "CFOUNDRY:47217BCBAA274835470BD1E2FB8551A6", "href": "https://www.cloudfoundry.org/blog/usn-4220-1/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-07-28T18:41:38", "description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, including tools for integrating with other SCMs, install the git-all meta-package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-04T22:16:13", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: git-2.21.1-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2020-01-04T22:16:13", "id": "FEDORA:AA26E60748E3", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, including tools for integrating with other SCMs, install the git-all meta-package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-18T01:56:26", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2019-12-18T01:56:26", "id": "FEDORA:7F5D560D020C", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-17T01:46:03", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2019-12-17T01:46:03", "id": "FEDORA:369A460A2174", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:02:38", "description": "### Background\n\nGit is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker could possibly overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Git 2.21.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-vcs/git-2.21.1\"\n \n\nAll Git 2.23.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-vcs/git-2.23.1-r1\"\n \n\nAll Git 2.24.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-vcs/git-2.24.1\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-15T00:00:00", "type": "gentoo", "title": "Git: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2020-03-20T00:00:00", "id": "GLSA-202003-30", "href": "https://security.gentoo.org/glsa/202003-30", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-17T19:02:25", "description": "### Background\n\nlibgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API. \n\n### Description\n\nMultiple vulnerabilities have been discovered in libgit2. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker could possibly overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libgit2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/libgit2-0.28.4\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-19T00:00:00", "type": "gentoo", "title": "libgit2: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1350", "CVE-2019-1387"], "modified": "2020-03-19T00:00:00", "id": "GLSA-202003-42", "href": "https://security.gentoo.org/glsa/202003-42", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2021-07-29T02:25:48", "description": "**Issue Overview:**\n\nGit mistakes some paths for relative paths allowing writing outside of the worktree while cloning (CVE-2019-1351)\n\nNTFS protections inactive when running Git in the Windows Subsystem for Linux (CVE-2019-1353)\n\nremote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nArbitrary path overwriting via export-marks command option (CVE-2019-1348)\n\nFiles inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nrecursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\nIncorrect quoting of command-line arguments allowed remote code execution during a recursive clone (CVE-2019-1350)\n\nGit does not refuse to write out tracked files with backlashes in filenames (CVE-2019-1354)\n\nRecursive clone followed by a submodule update could execute code contained within repository without the user explicitly consent Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a \"git submodule update\" operation can run commands found in the .gitmodules file of a malicious repository.(CVE-2019-19604)\n\n \n**Affected Packages:** \n\n\ngit\n\n \n**Issue Correction:** \nRun _yum update git_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 git-2.23.1-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 git-core-2.23.1-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 git-daemon-2.23.1-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 git-subtree-2.23.1-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 git-debuginfo-2.23.1-1.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 git-2.23.1-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 git-core-2.23.1-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 git-daemon-2.23.1-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 git-subtree-2.23.1-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 git-debuginfo-2.23.1-1.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 git-all-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 git-core-doc-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 git-cvs-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 git-email-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 gitk-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 gitweb-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 git-gui-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 git-instaweb-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 git-p4-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 perl-Git-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 perl-Git-SVN-2.23.1-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 git-svn-2.23.1-1.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 git-2.23.1-1.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 git-2.23.1-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 git-core-2.23.1-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 git-daemon-2.23.1-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 git-subtree-2.23.1-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 git-debuginfo-2.23.1-1.amzn2.0.1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-13T19:06:00", "type": "amazon", "title": "Important: git", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2020-03-23T18:13:00", "id": "ALAS2-2019-1371", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1371.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-27T19:29:55", "description": "**Issue Overview:**\n\nThe --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348)\n\nWhen submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. We now require the directory to be empty.(CVE-2019-1349)\n\nIncorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs. (CVE-2019-1350)\n\nWhile the only permitted drive letters for physical drives on Windows are letters of the US-English alphabet, this restriction does not apply to virtual drives assigned viah subst <letter>:<path>. Git mistook such paths for relative paths, allowing writing outside of the worktree while cloning. (CVE-2019-13510)\n\nGit was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be overwritten during a clone.(CVE-2019-1352)\n\nWhen running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active. (CVE-2019-1353)\n\nFilenames on Linux/Unix can contain backslashes. On Windows, backslashes are directory separators. Git did not use to refuse to write out tracked files with such filenames.(CVE-2019-1354)\n\nRecursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387)\n\n \n**Affected Packages:** \n\n\ngit\n\n \n**Issue Correction:** \nRun _yum update git_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 git-daemon-2.14.6-1.61.amzn1.i686 \n \u00a0\u00a0\u00a0 git-debuginfo-2.14.6-1.61.amzn1.i686 \n \u00a0\u00a0\u00a0 git-2.14.6-1.61.amzn1.i686 \n \u00a0\u00a0\u00a0 git-svn-2.14.6-1.61.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 perl-Git-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 git-bzr-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 git-email-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 emacs-git-el-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 perl-Git-SVN-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 git-p4-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 git-all-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 git-hg-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 emacs-git-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 gitweb-2.14.6-1.61.amzn1.noarch \n \u00a0\u00a0\u00a0 git-cvs-2.14.6-1.61.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 git-2.14.6-1.61.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 git-svn-2.14.6-1.61.amzn1.x86_64 \n \u00a0\u00a0\u00a0 git-daemon-2.14.6-1.61.amzn1.x86_64 \n \u00a0\u00a0\u00a0 git-debuginfo-2.14.6-1.61.amzn1.x86_64 \n \u00a0\u00a0\u00a0 git-2.14.6-1.61.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-09T22:06:00", "type": "amazon", "title": "Important: git", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-13510", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2019-12-11T05:55:00", "id": "ALAS-2019-1325", "href": "https://alas.aws.amazon.com/ALAS-2019-1325.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-30T06:24:20", "description": "[2.18.2-1]\n- Update to release 2.18.2\n- Remote code execution in recursive clones with nested submodules\n Resolves: CVE-2019-1387\n- Fixes CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351,\n CVE-2019-1352, CVE-2019-1353, CVE-2019-1354", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-19T00:00:00", "type": "oraclelinux", "title": "git security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2019-12-19T00:00:00", "id": "ELSA-2019-4356", "href": "http://linux.oracle.com/errata/ELSA-2019-4356.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:42", "description": "[1.8.3.1-21]\n- Fix CVE-2019-1387", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-16T00:00:00", "type": "oraclelinux", "title": "git security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1387"], "modified": "2020-01-16T00:00:00", "id": "ELSA-2020-0124", "href": "http://linux.oracle.com/errata/ELSA-2020-0124.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-02-18T23:59:26", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4581-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 10, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : git\nCVE ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1353\n CVE-2019-1387 CVE-2019-19604\n\nSeveral vulnerabilities have been discovered in git, a fast, scalable,\ndistributed revision control system.\n\nCVE-2019-1348\n\n It was reported that the --export-marks option of git fast-import is\n exposed also via the in-stream command feature export-marks=...,\n allowing to overwrite arbitrary paths.\n\nCVE-2019-1387\n\n It was discovered that submodule names are not validated strictly\n enough, allowing very targeted attacks via remote code execution\n when performing recursive clones.\n\nCVE-2019-19604\n\n Joern Schneeweisz reported a vulnerability, where a recursive clone\n followed by a submodule update could execute code contained within\n the repository without the user explicitly having asked for that. It\n is now disallowed for `.gitmodules` to have entries that set\n `submodule.<name>.update=!command`.\n\nIn addition this update addresses a number of security issues which are\nonly an issue if git is operating on an NTFS filesystem (CVE-2019-1349,\nCVE-2019-1352 and CVE-2019-1353).\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1:2.11.0-3+deb9u5.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:2.20.1-2+deb10u1.\n\nWe recommend that you upgrade your git packages.\n\nFor the detailed security status of git please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/git\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-10T19:56:55", "type": "debian", "title": "[SECURITY] [DSA 4581-1] git security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2019-12-10T19:56:55", "id": "DEBIAN:DSA-4581-1:59E3E", "href": "https://lists.debian.org/debian-security-announce/2019/msg00234.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-23T08:49:31", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4581-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 10, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : git\nCVE ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1353\n CVE-2019-1387 CVE-2019-19604\n\nSeveral vulnerabilities have been discovered in git, a fast, scalable,\ndistributed revision control system.\n\nCVE-2019-1348\n\n It was reported that the --export-marks option of git fast-import is\n exposed also via the in-stream command feature export-marks=...,\n allowing to overwrite arbitrary paths.\n\nCVE-2019-1387\n\n It was discovered that submodule names are not validated strictly\n enough, allowing very targeted attacks via remote code execution\n when performing recursive clones.\n\nCVE-2019-19604\n\n Joern Schneeweisz reported a vulnerability, where a recursive clone\n followed by a submodule update could execute code contained within\n the repository without the user explicitly having asked for that. It\n is now disallowed for `.gitmodules` to have entries that set\n `submodule.<name>.update=!command`.\n\nIn addition this update addresses a number of security issues which are\nonly an issue if git is operating on an NTFS filesystem (CVE-2019-1349,\nCVE-2019-1352 and CVE-2019-1353).\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1:2.11.0-3+deb9u5.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:2.20.1-2+deb10u1.\n\nWe recommend that you upgrade your git packages.\n\nFor the detailed security status of git please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/git\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-10T19:56:55", "type": "debian", "title": "[SECURITY] [DSA 4581-1] git security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2019-12-10T19:56:55", "id": "DEBIAN:DSA-4581-1:62A65", "href": "https://lists.debian.org/debian-security-announce/2019/msg00234.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T11:32:58", "description": "Package : git\nVersion : 1:2.1.4-2.1+deb8u8\nCVE ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1353 \n CVE-2019-1387\n\n\nSeveral vulnerabilities have been discovered in git, a fast, scalable,\ndistributed revision control system.\n\nCVE-2019-1348\n\n It was reported that the --export-marks option of git fast-import is\n exposed also via the in-stream command feature export-marks=...,\n allowing to overwrite arbitrary paths.\n\nCVE-2019-1387\n\n It was discovered that submodule names are not validated strictly\n enough, allowing very targeted attacks via remote code execution\n when performing recursive clones.\n\nIn addition this update addresses a number of security issues which are\nonly an issue if git is operating on an NTFS filesystem (CVE-2019-1349,\nCVE-2019-1352 and CVE-2019-1353).\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1:2.1.4-2.1+deb8u8.\n\nWe recommend that you upgrade your git packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-23T14:27:34", "type": "debian", "title": "[SECURITY] [DLA 2059-1] git security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1387"], "modified": "2020-01-23T14:27:34", "id": "DEBIAN:DLA-2059-1:DD97F", "href": "https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-26T18:37:20", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2936-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Utkarsh Gupta\nMarch 07, 2022 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : libgit2\nVersion : 0.25.1+really0.24.6-1+deb9u1\nCVE ID : CVE-2018-8098 CVE-2018-8099 CVE-2018-10887 CVE-2018-10888\n CVE-2018-15501 CVE-2020-12278 CVE-2020-12279\nDebian Bug : 892961 892962 903508 903509\n\nMultiple vulnerabilities were found in libgit2, a low-level Git library,\nand are as follows:\n\nCVE-2018-8098\n\n Integer overflow in the index.c:read_entry() function while\n decompressing a compressed prefix length in libgit2 before\n v0.26.2 allows an attacker to cause a denial of service\n (out-of-bounds read) via a crafted repository index file.\n\nCVE-2018-8099\n\n Incorrect returning of an error code in the index.c:read_entry()\n function leads to a double free in libgit2 before v0.26.2, which\n allows an attacker to cause a denial of service via a crafted\n repository index file.\n\nCVE-2018-10887\n\n It has been discovered that an unexpected sign extension in\n git_delta_apply function in delta-apply.c file may lead to an\n integer overflow which in turn leads to an out of bound read,\n allowing to read before the base object. An attacker may use\n this flaw to leak memory addresses or cause a Denial of Service.\n\nCVE-2018-10888\n\n A missing check in git_delta_apply function in delta-apply.c file,\n may lead to an out-of-bound read while reading a binary delta file.\n An attacker may use this flaw to cause a Denial of Service.\n\nCVE-2018-15501\n\n In ng_pkt in transports/smart_pkt.c in libgit2, a remote attacker\n can send a crafted smart-protocol "ng" packet that lacks a '\\0'\n byte to trigger an out-of-bounds read that leads to DoS.\n\nCVE-2020-12278\n\n path.c mishandles equivalent filenames that exist because of NTFS\n Alternate Data Streams. This may allow remote code execution when\n cloning a repository. This issue is similar to CVE-2019-1352.\n\nCVE-2020-12279\n\n checkout.c mishandles equivalent filenames that exist because of\n NTFS short names. This may allow remote code execution when cloning\n a repository. This issue is similar to CVE-2019-1353.\n\nFor Debian 9 stretch, these problems have been fixed in version\n0.25.1+really0.24.6-1+deb9u1.\n\nWe recommend that you upgrade your libgit2 packages.\n\nFor the detailed security status of libgit2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/libgit2\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-21T00:39:43", "type": "debian", "title": "[SECURITY] [DLA 2936-1] libgit2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10887", "CVE-2018-10888", "CVE-2018-15501", "CVE-2018-8098", "CVE-2018-8099", "CVE-2019-1352", "CVE-2019-1353", "CVE-2020-12278", "CVE-2020-12279"], "modified": "2022-03-21T00:39:43", "id": "DEBIAN:DLA-2936-1:BE105", "href": "https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:59", "description": "Arch Linux Security Advisory ASA-201912-6\n=========================================\n\nSeverity: High\nDate : 2019-12-18\nCVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387\nCVE-2019-19604\nPackage : git\nType : arbitrary code execution\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1073\n\nSummary\n=======\n\nThe package git before version 2.24.1-1 is vulnerable to arbitrary code\nexecution.\n\nResolution\n==========\n\nUpgrade to 2.24.1-1.\n\n# pacman -Syu \"git>=2.24.1-1\"\n\nThe problems have been fixed upstream in version 2.24.1.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-1348 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 where the\n--export-marks option of git fast-import is exposed also via the in-\nstream command feature export-marks=... and it allows overwriting\narbitrary paths.\n\n- CVE-2019-1349 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 when using\nsubmodule paths that refer to the same file system entity (e.g. using\nthe NTFS Alternate Data Streams attack mentioned in CVE-2019-1352 where\nfiles would be written to the `.git/` directory using a synonymous\ndirectory name), it was possible to \"squat\" on the `git~1` shortname on\nNTFS drives, opening attacks via `git~2`. This also affects Git when\nrun as a Linux application inside the Windows Subsystem for Linux.\n\n- CVE-2019-1352 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 where it was\nunaware of NTFS Alternate Data Streams, allowing files inside the .git/\ndirectory to be overwritten during a clone.\n\n- CVE-2019-1387 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 where recursive\nclones are currently affected by a vulnerability that is caused by too-\nlax validation of submodule names, allowing very targeted attacks via\nremote code execution in recursive clones.\n\n- CVE-2019-19604 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1, and it is now\ndisallowed for `.gitmodules` to have entries that set\n`submodule.<name>.update=!command`. This fixes the vulnerability in Git\nv2.20.0 and later where a recursive clone followed by a submodule\nupdate could execute code contained within the repository without the\nuser explicitly having asked for that.\n\nImpact\n======\n\nA remote attacker can overwrite files and execute code by abusing NTFS\npath, submodules and fast-import.\n\nReferences\n==========\n\nhttps://github.com/git/git/commit/68061e3470210703cb15594194718d35094afdc0\nhttps://lkml.org/lkml/2019/12/10/905\nhttps://github.com/git/git/commit/0060fd1511b94c918928fa3708f69a3f33895a4a\nhttps://github.com/git/git/commit/7c3745fc6185495d5765628b4dfe1bd2c25a2981\nhttps://github.com/git/git/commit/a8dee3ca610f5a1d403634492136c887f83b59d2\nhttps://github.com/git/git/commit/c1547450748fcbac21675f2681506d2d80351a19\nhttps://security.archlinux.org/CVE-2019-1348\nhttps://security.archlinux.org/CVE-2019-1349\nhttps://security.archlinux.org/CVE-2019-1352\nhttps://security.archlinux.org/CVE-2019-1387\nhttps://security.archlinux.org/CVE-2019-19604", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-18T00:00:00", "type": "archlinux", "title": "[ASA-201912-6] git: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2019-12-18T00:00:00", "id": "ASA-201912-6", "href": "https://security.archlinux.org/ASA-201912-6", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:33:59", "description": "Arch Linux Security Advisory ASA-201912-5\n=========================================\n\nSeverity: High\nDate : 2019-12-18\nCVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387\nPackage : libgit2\nType : arbitrary code execution\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1075\n\nSummary\n=======\n\nThe package libgit2 before version 1:0.28.4-1 is vulnerable to\narbitrary code execution.\n\nResolution\n==========\n\nUpgrade to 1:0.28.4-1.\n\n# pacman -Syu \"libgit2>=1:0.28.4-1\"\n\nThe problems have been fixed upstream in version 0.28.4.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-1348 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 where the\n--export-marks option of git fast-import is exposed also via the in-\nstream command feature export-marks=... and it allows overwriting\narbitrary paths.\n\n- CVE-2019-1349 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 when using\nsubmodule paths that refer to the same file system entity (e.g. using\nthe NTFS Alternate Data Streams attack mentioned in CVE-2019-1352 where\nfiles would be written to the `.git/` directory using a synonymous\ndirectory name), it was possible to \"squat\" on the `git~1` shortname on\nNTFS drives, opening attacks via `git~2`. This also affects Git when\nrun as a Linux application inside the Windows Subsystem for Linux.\n\n- CVE-2019-1352 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 where it was\nunaware of NTFS Alternate Data Streams, allowing files inside the .git/\ndirectory to be overwritten during a clone.\n\n- CVE-2019-1387 (arbitrary code execution)\n\nA security issue has been found in git before 2.24.1 where recursive\nclones are currently affected by a vulnerability that is caused by too-\nlax validation of submodule names, allowing very targeted attacks via\nremote code execution in recursive clones.\n\nImpact\n======\n\nA remote attacker can overwrite files and execute code by abusing NTFS\npath, submodules and fast-import.\n\nReferences\n==========\n\nhttps://github.com/git/git/commit/68061e3470210703cb15594194718d35094afdc0\nhttps://lkml.org/lkml/2019/12/10/905\nhttps://github.com/git/git/commit/0060fd1511b94c918928fa3708f69a3f33895a4a\nhttps://github.com/git/git/commit/7c3745fc6185495d5765628b4dfe1bd2c25a2981\nhttps://github.com/git/git/commit/a8dee3ca610f5a1d403634492136c887f83b59d2\nhttps://security.archlinux.org/CVE-2019-1348\nhttps://security.archlinux.org/CVE-2019-1349\nhttps://security.archlinux.org/CVE-2019-1352\nhttps://security.archlinux.org/CVE-2019-1387", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-18T00:00:00", "type": "archlinux", "title": "[ASA-201912-5] libgit2: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2019-12-18T00:00:00", "id": "ASA-201912-5", "href": "https://security.archlinux.org/ASA-201912-5", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-05-10T07:41:11", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "debiancve", "title": "CVE-2019-1350", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-24T21:15:00", "id": "DEBIANCVE:CVE-2019-1350", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1350", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T07:41:11", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "debiancve", "title": "CVE-2019-1349", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-24T21:15:00", "id": "DEBIANCVE:CVE-2019-1349", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1349", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T07:41:11", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "debiancve", "title": "CVE-2019-1352", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-24T21:15:00", "id": "DEBIANCVE:CVE-2019-1352", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1352", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T07:41:11", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "debiancve", "title": "CVE-2019-1354", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-24T21:15:00", "id": "DEBIANCVE:CVE-2019-1354", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1354", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T07:41:11", "description": "Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a \"git submodule update\" operation can run commands found in the .gitmodules file of a malicious repository.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-11T00:15:00", "type": "debiancve", "title": "CVE-2019-19604", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19604"], "modified": "2019-12-11T00:15:00", "id": "DEBIANCVE:CVE-2019-19604", "href": "https://security-tracker.debian.org/tracker/CVE-2019-19604", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T07:41:11", "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-01-24T22:15:00", "type": "debiancve", "title": "CVE-2019-1348", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348"], "modified": "2020-01-24T22:15:00", "id": "DEBIANCVE:CVE-2019-1348", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1348", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-05-10T07:41:11", "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-24T22:15:00", "type": "debiancve", "title": "CVE-2019-1353", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1353"], "modified": "2020-01-24T22:15:00", "id": "DEBIANCVE:CVE-2019-1353", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1353", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-10T07:41:11", "description": "A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-24T21:15:00", "type": "debiancve", "title": "CVE-2019-1351", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1351"], "modified": "2020-01-24T21:15:00", "id": "DEBIANCVE:CVE-2019-1351", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1351", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-10T07:41:11", "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-18T21:15:00", "type": "debiancve", "title": "CVE-2019-1387", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1387"], "modified": "2019-12-18T21:15:00", "id": "DEBIANCVE:CVE-2019-1387", "href": "https://security-tracker.debian.org/tracker/CVE-2019-1387", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-05T07:34:38", "description": "An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T17:15:00", "type": "debiancve", "title": "CVE-2020-12279", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1353", "CVE-2020-12279"], "modified": "2020-04-27T17:15:00", "id": "DEBIANCVE:CVE-2020-12279", "href": "https://security-tracker.debian.org/tracker/CVE-2020-12279", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-05T07:34:38", "description": "An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T17:15:00", "type": "debiancve", "title": "CVE-2020-12278", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1352", "CVE-2020-12278"], "modified": "2020-04-27T17:15:00", "id": "DEBIANCVE:CVE-2020-12278", "href": "https://security-tracker.debian.org/tracker/CVE-2020-12278", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T20:17:59", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "cve", "title": "CVE-2019-1349", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-28T01:15:00", "cpe": [], "id": "CVE-2019-1349", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1349", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T20:18:11", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "cve", "title": "CVE-2019-1350", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-28T01:15:00", "cpe": [], "id": "CVE-2019-1350", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1350", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T20:18:35", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "cve", "title": "CVE-2019-1352", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-28T01:15:00", "cpe": [], "id": "CVE-2019-1352", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1352", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T20:19:06", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-01-24T21:15:00", "type": "cve", "title": "CVE-2019-1354", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-01-28T01:15:00", "cpe": [], "id": "CVE-2019-1354", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1354", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-04-01T16:32:48", "description": "Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a \"git submodule update\" operation can run commands found in the .gitmodules file of a malicious repository.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-11T00:15:00", "type": "cve", "title": "CVE-2019-19604", "cwe": ["CWE-78", "CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19604"], "modified": "2022-04-01T15:50:00", "cpe": ["cpe:/o:fedoraproject:fedora:30", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:31", "cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:10.0"], "id": "CVE-2019-19604", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19604", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T20:17:42", "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-01-24T22:15:00", "type": "cve", "title": "CVE-2019-1348", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348"], "modified": "2021-01-26T14:47:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2019-1348", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1348", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T20:18:49", "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-24T22:15:00", "type": "cve", "title": "CVE-2019-1353", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1353"], "modified": "2021-01-26T14:47:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2019-1353", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1353", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T20:18:22", "description": "A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-24T21:15:00", "type": "cve", "title": "CVE-2019-1351", "cwe": ["CWE-706"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1351"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2019-1351", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1351", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T20:24:51", "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-18T21:15:00", "type": "cve", "title": "CVE-2019-1387", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1387"], "modified": "2021-01-26T14:47:00", "cpe": ["cpe:/a:git-scm:git:2.21.0", "cpe:/a:git-scm:git:2.24.0", "cpe:/a:git-scm:git:2.23.0"], "id": "CVE-2019-1387", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1387", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:git-scm:git:2.23.0:*:*:*:*:*:*:*", "cpe:2.3:a:git-scm:git:2.24.0:*:*:*:*:*:*:*", "cpe:2.3:a:git-scm:git:2.21.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T16:55:30", "description": "Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone or pull from repositories from untrusted sources. CVE-2019-1354 was an equivalent vulnerability in Git for Visual Studio.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-04-29T21:15:00", "type": "cve", "title": "CVE-2021-29468", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1354", "CVE-2021-29468"], "modified": "2021-05-11T16:17:00", "cpe": ["cpe:/a:cygwin:git:2.31.1-1"], "id": "CVE-2021-29468", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-29468", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:cygwin:git:2.31.1-1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-04-26T00:49:47", "description": "An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T17:15:00", "type": "cve", "title": "CVE-2020-12279", "cwe": ["CWE-706"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1353", "CVE-2020-12279"], "modified": "2022-04-25T20:42:00", "cpe": ["cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2020-12279", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12279", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-04-26T00:49:50", "description": "An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T17:15:00", "type": "cve", "title": "CVE-2020-12278", "cwe": ["CWE-706"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1352", "CVE-2020-12278"], "modified": "2022-04-25T20:41:00", "cpe": ["cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2020-12278", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12278", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-05-18T16:07:55", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-11T00:50:56", "type": "redhatcve", "title": "CVE-2019-1352", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2022-05-18T15:49:04", "id": "RH:CVE-2019-1352", "href": "https://access.redhat.com/security/cve/cve-2019-1352", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:37:59", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-11T00:51:03", "type": "redhatcve", "title": "CVE-2019-1354", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-12-09T09:08:38", "id": "RH:CVE-2019-1354", "href": "https://access.redhat.com/security/cve/cve-2019-1354", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:38:00", "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-11T00:21:07", "type": "redhatcve", "title": "CVE-2019-1350", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387"], "modified": "2020-12-09T09:10:54", "id": "RH:CVE-2019-1350", "href": "https://access.redhat.com/security/cve/cve-2019-1350", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:38:01", "description": "A security bypass was discovered in git, which allows arbitrary commands to be executed during the update of git submodules. A remote attacker may trick a victim user into cloning a malicious repository that initially looks fine, allowing access to bypass the security mechanisms that prevent the execution of arbitrary commands during the submodule initialization. After following an update of the repository and the submodules done by the victim user, vulnerable versions of git may use the update setting in the .gitmodules file and execute arbitrary commands.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-11T00:51:04", "type": "redhatcve", "title": "CVE-2019-19604", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19604"], "modified": "2021-05-13T05:51:42", "id": "RH:CVE-2019-19604", "href": "https://access.redhat.com/security/cve/cve-2019-19604", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-18T16:07:55", "description": "A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary files, but would not have complete control on the content of the file.\n#### Mitigation\n\nAvoid running `git fast-import` on untrusted input. \n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-12-11T00:21:07", "type": "redhatcve", "title": "CVE-2019-1348", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348"], "modified": "2022-05-18T15:48:52", "id": "RH:CVE-2019-1348", "href": "https://access.redhat.com/security/cve/cve-2019-1348", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-09-02T22:38:00", "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-11T00:50:56", "type": "redhatcve", "title": "CVE-2019-1353", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1353"], "modified": "2020-08-18T14:05:56", "id": "RH:CVE-2019-1353", "href": "https://access.redhat.com/security/cve/cve-2019-1353", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:38:00", "description": "A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-12-11T00:21:00", "type": "redhatcve", "title": "CVE-2019-1351", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1351"], "modified": "2020-12-09T09:08:34", "id": "RH:CVE-2019-1351", "href": "https://access.redhat.com/security/cve/cve-2019-1351", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-18T16:07:54", "description": "An improper input validation flaw was discovered in git in the way it handles git submodules. A remote attacker could abuse this flaw to trick a victim user into recursively cloning a malicious repository, which, under certain circumstances, could fool git into using the same git directory twice and potentially cause remote code execution.\n#### Mitigation\n\nAvoid running `git clone --recurse-submodules` and `git submodule update` with untrusted repositories. \n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-11T00:21:00", "type": "redhatcve", "title": "CVE-2019-1349", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349"], "modified": "2022-05-18T15:49:01", "id": "RH:CVE-2019-1349", "href": "https://access.redhat.com/security/cve/cve-2019-1349", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-18T16:07:53", "description": "A flaw was discovered where git improperly validates submodules' names used to construct git metadata paths and does not prevent them from being nested in existing directories used to store another submodule's metadata. A remote attacker could abuse this flaw to trick a victim user into cloning a malicious repository containing submodules, which, when recursively cloned, would trigger the flaw and remotely execute code on the victim's machine.\n#### Mitigation\n\nAvoid running `git clone --recurse-submodules` and `git submodule update` with untrusted repositories. \n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-04-09T07:30:43", "type": "redhatcve", "title": "CVE-2019-1387", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1387"], "modified": "2022-05-18T15:50:10", "id": "RH:CVE-2019-1387", "href": "https://access.redhat.com/security/cve/cve-2019-1387", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:39:29", "description": "An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-29T14:10:02", "type": "redhatcve", "title": "CVE-2020-12279", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1353", "CVE-2020-12279"], "modified": "2020-08-17T22:56:11", "id": "RH:CVE-2020-12279", "href": "https://access.redhat.com/security/cve/cve-2020-12279", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:39:28", "description": "An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-29T14:10:31", "type": "redhatcve", "title": "CVE-2020-12278", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1352", "CVE-2020-12278"], "modified": "2020-08-17T22:56:06", "id": "RH:CVE-2020-12278", "href": "https://access.redhat.com/security/cve/cve-2020-12278", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-08-18T11:06:48", "description": "### *Detect date*:\n12/10/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.\n\n### *Affected products*:\nMicrosoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8) \nMicrosoft Visual Studio 2019 version 16.0 \nMicrosoft Visual Studio 2017 version 15.0 \nMicrosoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) \nMicrosoft Visual Studio Live Share extension\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1352](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1352>) \n[CVE-2019-1351](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1351>) \n[CVE-2019-1387](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1387>) \n[CVE-2019-1350](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1350>) \n[CVE-2019-1354](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1354>) \n[CVE-2019-1486](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1486>) \n[CVE-2019-1349](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1349>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Visual Studio](<https://threats.kaspersky.com/en/product/Microsoft-Visual-Studio/>)\n\n### *CVE-IDS*:\n[CVE-2019-1352](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352>)9.3Critical \n[CVE-2019-1351](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351>)5.0Critical \n[CVE-2019-1387](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387>)6.8High \n[CVE-2019-1350](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350>)9.3Critical \n[CVE-2019-1354](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354>)9.3Critical \n[CVE-2019-1486](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1486>)5.8High \n[CVE-2019-1349](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349>)9.3Critical\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "kaspersky", "title": "KLA11618 Multiple vulnerabilities in Microsoft Developer Tools", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-1486"], "modified": "2020-06-03T00:00:00", "id": "KLA11618", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11618/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "The updated packages fix security vulnerabilities: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths. (CVE-2019-1348) When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. We now require the directory to be empty. (CVE-2019-1349) Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones. (CVE-2019-1387) Arbitrary command execution is possible in Git before before 2.21.1, because a \"git submodule update\" operation can run commands found in the .gitmodules file of a malicious repository. (CVE-2019-19604) \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-15T18:03:05", "type": "mageia", "title": "Updated git packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1387", "CVE-2019-19604"], "modified": "2019-12-15T18:03:05", "id": "MGASA-2019-0393", "href": "https://advisories.mageia.org/MGASA-2019-0393.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T11:19:34", "description": "libgit2 has been updated to version 0.28.4 to fix several security issues: * A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. * CVE-2019-1348: the fast-import stream command \"feature export-marks=path\" allows writing to arbitrary file paths. As libgit2 does not offer any interface for fast-import, it is not susceptible to this vulnerability. * CVE-2019-1350: recursive clones may lead to arbitrary remote code executing due to improper quoting of command line arguments. As libgit2 uses libssh2, which does not require us to perform command line parsing, it is not susceptible to this vulnerability. * CVE-2019-1387: it is possible to let a submodule's git directory point into a sibling's submodule directory, which may result in overwriting parts of the Git repository and thus lead to arbitrary command execution. As libgit2 doesn't provide any way to do submodule clones natively, it is not susceptible to this vulnerability. Users of libgit2 that have implemented recursive submodule clones manually are encouraged to review their implementation for this vulnerability. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-15T18:03:05", "type": "mageia", "title": "Updated libgit2 packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1350", "CVE-2019-1387"], "modified": "2019-12-15T18:03:05", "id": "MGASA-2019-0391", "href": "https://advisories.mageia.org/MGASA-2019-0391.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-19T20:37:49", "description": "Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nThe following packages have been upgraded to a later upstream version: git (2.18.2). (BZ#1784057)\n\nSecurity Fix(es):\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\n* git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n* git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\n* git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-27T08:04:40", "type": "redhat", "title": "(RHSA-2020:0228) Important: git security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2020-01-27T08:29:38", "id": "RHSA-2020:0228", "href": "https://access.redhat.com/errata/RHSA-2020:0228", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:40:42", "description": "Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nThe following packages have been upgraded to a later upstream version: git (2.18.2). (BZ#1784058)\n\nSecurity Fix(es):\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\n* git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n* git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\n* git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-19T18:18:24", "type": "redhat", "title": "(RHSA-2019:4356) Important: git security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2019-12-19T18:36:31", "id": "RHSA-2019:4356", "href": "https://access.redhat.com/errata/RHSA-2019:4356", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:37:14", "description": "Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nThe following packages have been upgraded to a later upstream version: rh-git218-git (2.18.2). (BZ#1784060, BZ#1784368, BZ#1784528)\n\nSecurity Fix(es):\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\n* git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348)\n\n* git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)\n\n* git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-02T08:21:54", "type": "redhat", "title": "(RHSA-2020:0002) Important: rh-git218-git security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1387"], "modified": "2020-01-02T08:44:13", "id": "RHSA-2020:0002", "href": "https://access.redhat.com/errata/RHSA-2020:0002", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:36:04", "description": "Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.\n\nSecurity Fix(es):\n\n* git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-16T10:47:10", "type": "redhat", "title": "(RHSA-2020:0124) Important: git security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1387"], "modified": "2020-01-16T11:53:32", "id": "RHSA-2020:0124", "href": "https://access.redhat.com/errata/RHSA-2020:0124", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:40:07", "description": "Red Hat CodeReady Workspaces 2.1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.\n\nThis major release is based on Eclipse Che 7.9 and offers security fixes and a number of enhancements and new features, including:\n\nSecurity fix:\n\n* JWT proxy bypass allows access to workspace pods of other users (CVE-2020-10689)\n\nEnhancements and new features:\n\n* Improved code samples for default devfiles\n* Improved naming of default stacks\n* Updated .NET sample (including debugger) to version 3.1\n* Enabled offline devfile registry\n\nFor more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.\n\nThis update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following issues:\n\nCVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387, CVE-2019-13734, CVE-2019-15030, CVE-2019-15031, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777, CVE-2019-18397, CVE-2019-18408, CVE-2019-18660, CVE-2019-19527, CVE-2020-1712, CVE-2020-10531", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-14T18:30:55", "type": "redhat", "title": "(RHSA-2020:1475) Moderate: Red Hat CodeReady Workspaces 2.1.0 release", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-13734", "CVE-2019-1387", "CVE-2019-15030", "CVE-2019-15031", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2019-18397", "CVE-2019-18408", "CVE-2019-18660", "CVE-2019-19527", "CVE-2020-10531", "CVE-2020-10689", "CVE-2020-1712"], "modified": "2020-04-14T18:43:09", "id": "RHSA-2020:1475", "href": "https://access.redhat.com/errata/RHSA-2020:1475", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2019-12-14T23:21:47", "description": "This month's Patch Tuesday is rather light and addresses 36 vulnerabilities, with only 7 labeled as Critical. Five of the seven Critical vulns are in Git for Visual Studio. The others are for Hyper-V and Win32k. Also, there is one actively attacked \"Important\" vuln in Win32k. Adobe released patches today covering Acrobat/Reader, ColdFusion, Photoshop, and Brackets.\n\n### Workstation Patches\n\nWin32k patches ([CVE-2019-1468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1468>) and [CVE-2019-1458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458>)) should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.\n\nThough listed as Important, Microsoft has disclosed that CVE-2019-1458 is actively attacked in the wild.\n\n### Hyper-V Hypervisor Escapes\n\nA remote code execution vulnerability ([CVE-2019-1471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1471>)) is patched in Hyper-V that would allow an authenticated user on a guest system to run arbitrary code on the host system. Microsoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for all Hyper-V systems.\n\n### Git for Visual Studio\n\nMicrosoft patched 5 vulnerabilities ([CVE-2019-1354](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354>), [CVE-2019-1350](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350>), [CVE-2019-1352](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352>), [CVE-2019-1387](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1387>), and [CVE-2019-1349](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349>)) in Git for Visual Studio. Exploitation requires that a user clones a malicious repo. Based on the details provided, the vulnerabilities appear to all be Command Injection. These patches should be prioritized for any Visual Studio installations that use Git.\n\n### Adobe\n\nAdobe's Patch Tuesday covers Acrobat/Reader, ColdFusion, Photoshop, and Brackets. The patches for [Acrobat/Reader](<https://helpx.adobe.com/security/products/acrobat/apsb19-55.html>) (21 vulns) and [ColdFusion](<https://helpx.adobe.com/security/products/coldfusion/apsb19-58.html>) (1 vuln) are listed as [Priority 2](<https://helpx.adobe.com/security/severity-ratings.html>), while the patches for [Photoshop](<https://helpx.adobe.com/security/products/photoshop/apsb19-56.html>) (2 vulns) and [Brackets](<https://helpx.adobe.com/security/products/brackets/apsb19-57.html>) (1 vuln) are labeled [Priority 3](<https://helpx.adobe.com/security/severity-ratings.html>). The Acrobat/Reader patches should be prioritized for Workstations with this software installed, and the ColdFusion patches should be prioritized on ColdFusion servers.", "cvss3": {}, "published": "2019-12-10T19:04:23", "type": "qualysblog", "title": "December 2019 Patch Tuesday \u2013 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-1458", "CVE-2019-1468", "CVE-2019-1471"], "modified": "2019-12-10T19:04:23", "id": "QUALYSBLOG:D1C46696E4E69F5182E6FECCD3884846", "href": "https://blog.qualys.com/laws-of-vulnerabilities/2019/12/10/december-2019-patch-tuesday-36-vulns-7-critical-actively-attacked-win32k-vuln-adobe-vulns", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2020-10-09T22:40:13", "description": "Microsoft has issued fixes for 36 CVEs for December 2019 Patch Tuesday across a range of products, with seven of them rated critical in severity \u2013 and one that\u2019s already being exploited in the wild as a zero-day bug.\n\nThe computing giant\u2019s [scheduled security update](<https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec>) this month is relatively light, and includes patches for Microsoft Windows, Internet Explorer, Microsoft Office and related apps, SQL Server, Visual Studio and Skype for Business. In all, December Patch Tuesday addressed seven bugs that are rated critical, 28 that are rated important, and one that rated moderate in severity.\n\n## Zero-Day Bug Exploited in the Wild\n\n[CVE-2019-1458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458?ranMID=43674&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-ar.N8FRT6gAnfwe0LIsu3w&epi=je6NUbpObpQ-ar.N8FRT6gAnfwe0LIsu3w&irgwc=1&OCID=AID2000142_aff_7795_1243925&tduid=\\(ir__6kyw1a3v19kfrhwjkk0sohzn0n2xgdsljxwdqz2h00\\)\\(7795\\)\\(1243925\\)\\(je6NUbpObpQ-ar.N8FRT6gAnfwe0LIsu3w\\)\\(\\)&irclickid=_6kyw1a3v19kfrhwjkk0sohzn0n2xgdsljxwdqz2h00>) is an elevation-of-privilege vulnerability in Win32k, which has a live zero-day exploit circulating in the wild. The exploit allows attackers to gain higher privileges on the attacked machine and avoid protection mechanisms in the Google Chrome browser, researchers said.\n\n\u201cAn attacker could exploit the flaw to execute arbitrary code in kernel mode on the victim\u2019s system,\u201d said Satnam Narang, senior research engineer at Tenable, via email. \u201cFrom there, the attacker could perform a variety of actions, such as creating a new account with full user rights, installing programs, and viewing, changing or deleting data.\u201d\n\n[](<https://attendee.gotowebinar.com/register/7725318633369800449?source=INART>)\n\nThe one caveat is that to exploit the flaw, an attacker would need to have previously compromised the system using another vulnerability \u2013 thus, it\u2019s rated only as important in severity and carries a CVSSv3 base score of 7.8 out of 10. However, since it has been exploited in the wild as a zero-day, IT security staff should prioritize the patch, researchers said.\n\n\u201cThis is one of many vulnerabilities that Microsoft resolved in 2019 that were being exploited but were not rated as a critical severity,\u201d said Chris Goettl, director of product management, Security, at Ivanti, via email. \u201cIf your vulnerability-management criteria use vendor severity or CVSS score as criteria for determining what should be updated, you should re-evaluate your criteria to ensure exploited vulnerabilities like this do not slip past your prioritization process.\u201d\n\nThe zero-day was found by Kaspersky researchers as a result of a separate zero-day exploit for Google Chrome that was seen in November, being used to execute arbitrary code on a victim\u2019s machine. The newly discovered Windows EoP was embedded into a previously discovered Google Chrome exploit, the firm said: \u201cIt was used to gain higher privileges in the infected machine as well as to escape the Chrome process sandbox \u2013 a component built to protect the browser and the victim\u2019s computer from malicious attacks.\u201d\n\nThe exploits are being used by a threat group called \u201cWizardOpium.\u201d\n\nMicrosoft has addressed the vulnerability by correcting how Win32k handles objects in memory. The flaw is also similar to the CVE-2019-0859 bug reported in April, for which an exploit was developed and found being sold on [underground markets](<https://securelist.com/new-win32k-zero-day-cve-2019-0859/90435/>).\n\n## Critical Bugs\n\nIn terms of the critical bugs included in this month\u2019s Patch Tuesday, a critical remote code-execution (RCE) vulnerability in Win32k Graphics ([CVE-2019-1468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1468?ranMID=43674&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-mFIAATdHZaWiphGfgHHVaQ&epi=je6NUbpObpQ-mFIAATdHZaWiphGfgHHVaQ&irgwc=1&OCID=AID2000142_aff_7795_1243925&tduid=\\(ir__6kyw1a3v19kfrhwjkk0sohzn0n2xgdsnx6wdqz2h00\\)\\(7795\\)\\(1243925\\)\\(je6NUbpObpQ-mFIAATdHZaWiphGfgHHVaQ\\)\\(\\)&irclickid=_6kyw1a3v19kfrhwjkk0sohzn0n2xgdsnx6wdqz2h00>)) would allow an adversary to create a new account with full user rights, install programs, and view, change or delete data. It exists due to the Windows font library improperly handling specially crafted embedded fonts. Attack vectors would be via a malicious document, or by luring users to a specially crafted website containing the exploit code.\n\n\u201cTo exploit the vulnerability, an attacker would need to run a specially crafted application on the guest operating system, resulting in execution of arbitrary code on the host operating system,\u201d said Narang.\n\nAlso on the RCE front, critical-rated [CVE-2019-1471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1471>) in Windows Hyper-V exists due to improper validation of inputs from an authenticated user on the guest operating system by the host server.\n\n\u201cThis critical-rated patch fixes a bug in Hyper-V that would allow a user on a guest OS to execute arbitrary code on the underlying host OS,\u201d explained Dustin Childs, researcher with Trend Micro\u2019s Zero-Day Initiative. \u201cBugs like this have been demonstrated at Pwn2Own in the past, and they\u2019re always fun to watch. Considering how much modern computing depends on virtualization, it\u2019s likely we\u2019ll continue to see research that focuses on exploiting the hypervisor from a guest OS.\u201d\n\nMicrosoft also announced five critical vulnerabilities for Microsoft\u2019s Git for Visual Studio 2017 and 2019 (CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387).\n\nThe description for all of them [is identical:](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349>) an RCE bug that exists when Git for Visual Studio client improperly sanitizes input (sanitization is the process of modifying input to ensure that it is actually valid).\n\n\u201cAs Visual Studio is one of the most popular development environments used today to design and build applications, this exploit puts engineering organizations on the front lines of a potential attack,\u201d explained Richard Melick, senior technology product manager at Automox, via email. \u201cIf left unpatched, engineering and development groups would be at risk to being the point of entry for malware deployment, lateral movement through the network, rogue account creation, and theft of proprietary application code.\u201d\n\nIn order to exploit any of these Visual Studio vulnerabilities, an attacker would need to use the Git client to download a malicious repository to the victim\u2019s endpoint.\n\n\u201cWhile not common, it is still possible using fairly simple techniques,\u201d Melick said. \u201cBy running intelligence gathering in channels like LinkedIn and job listings, an attacker could learn about an organization\u2019s use of Visual Studio and the details of the open-source projects in play. From there, entry into the network could come through a common phishing email technique to the engineering for help troubleshooting a compatibility issue with their open-source software, providing a link to the Git repository, or even for an interview as an example of previous work. The engineering team would then download the malicious repo, allowing the malicious code to execute, giving attacker access.\u201d\n\n## Additional Notes\n\nOne other bug that stood out to researchers in the update is [CVE-2019-1469](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1469>), an important-rated Win32k information disclosure vulnerability that exists when a Win32k component improperly provides kernel information.\n\n\u201cA successful attack through this vulnerability could result in private data being revealed to an attacker, providing necessary information to further compromise the victim\u2019s system,\u201d Melick said. \u201cA successful attack relies on access to the machine to load a specially crafted application.\u201d\n\nAnd finally, it\u2019s also worth mentioning that there is only one Patch Tuesday left (in January) until Windows 7 and Server 2008\\2008 R2 reach end-of-life and Microsoft stops issuing security fixes for them.\n\n\u201cThere is no doubt we are going to see a similar situation to the Windows XP end-of-service with a large number of these machines still in use and not updated,\u201d Melick said. \u201cIt is safe to assume that many of these machines in this bucket are falling under unmanaged or mission-critical categories with no clear path to update.\u201d\n\nAlso on Patch Tuesday, [Adobe issued 17 critical vulnerabilities](<https://threatpost.com/adobe-fixes-critical-acrobat-photoshop-brackets-flaws/150970/>) in Acrobat Reader, Photoshop and Brackets, which could lead to arbitrary code execution if exploited.\n\n[**Free Threatpost Webinar:**](<https://attendee.gotowebinar.com/register/7725318633369800449?source=art>) **_Risk around third-party vendors is real and can lead to data disasters. We rely on third-party vendors, but that doesn\u2019t mean forfeiting security. _**[**_Join us on Dec. 18th at 2 pm EST_**](<https://attendee.gotowebinar.com/register/7725318633369800449?source=art>)**_ as Threatpost looks at managing third-party relationship risks with industry experts Dr. Larry Ponemon, of Ponemon Institute; Harlan Carvey, with Digital Guardian and Flashpoint\u2019s Lance James. _**[**_Click here to register_**](<https://attendee.gotowebinar.com/register/7725318633369800449?source=art>)**_._**\n", "cvss3": {}, "published": "2019-12-10T21:21:24", "type": "threatpost", "title": "Microsoft Zaps Actively Exploited Zero-Day Bug", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2019-0859", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1352", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-1458", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1471"], "modified": "2019-12-10T21:21:24", "id": "THREATPOST:7E0D83AD71F0D13E7AF6CC3E38AC5F6F", "href": "https://threatpost.com/microsoft-actively-exploited-zero-day-bug/150992/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "symantec": [{"lastseen": "2021-06-08T18:57:41", "description": "### Description\n\nGit is prone to an arbitrary code-execution vulnerability. A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Git versions prior to 2.20.2, 2.21.x through and prior to 2.21.1, 2.22.x through and prior to 2.22.2, 2.23.x through and prior to 2.23.1, and 2.24.x through and prior to 2.24.1 are vulnerable.\n\n### Technologies Affected\n\n * GIT GIT 1.1.4 \n * GIT GIT 1.1.5 \n * GIT GIT 1.4.4.5 \n * GIT GIT 1.5.2 4 \n * GIT GIT 1.5.4 6 \n * GIT GIT 1.5.4 7 \n * GIT GIT 1.5.5 5 \n * GIT GIT 1.5.5 6 \n * GIT GIT 1.5.5 \n * GIT GIT 1.5.6 .3 \n * GIT GIT 1.5.6 .4 \n * GIT GIT 1.5.6 5 \n * GIT GIT 1.5.6 6 \n * GIT GIT 1.5.6 \n * GIT GIT 1.6.0 5 \n * GIT GIT 1.6.0 6 \n * GIT GIT 1.6.3.2 \n * GIT GIT 1.7.2 \n * GIT GIT 1.7.3.3 \n * GIT GIT 1.7.3.4 \n * GIT GIT 1.8 \n * GIT GIT 1.8.1.3 \n * GIT GIT 1.8.1.4 \n * GIT GIT 1.8.5.0 \n * GIT GIT 1.8.5.5 \n * GIT GIT 1.8.5.6 \n * GIT GIT 1.9.0 \n * GIT GIT 1.9.2 \n * GIT GIT 1.9.3 \n * GIT GIT 1.9.4 \n * GIT GIT 1.9.5 \n * GIT GIT 2.0.0 \n * GIT GIT 2.0.4 \n * GIT GIT 2.0.5 \n * GIT GIT 2.1.0 \n * GIT GIT 2.1.3 \n * GIT GIT 2.1.4 \n * GIT GIT 2.10.0 \n * GIT GIT 2.10.3 \n * GIT GIT 2.10.4 \n * GIT GIT 2.10.5 \n * GIT GIT 2.11.0 \n * GIT GIT 2.11.2 \n * GIT GIT 2.11.3 \n * GIT GIT 2.11.4 \n * GIT GIT 2.12 \n * GIT GIT 2.12.0 \n * GIT GIT 2.12.3 \n * GIT GIT 2.12.4 \n * GIT GIT 2.12.5 \n * GIT GIT 2.13.0 \n * GIT GIT 2.13.1 \n * GIT GIT 2.13.2 \n * GIT GIT 2.13.3 \n * GIT GIT 2.13.4 \n * GIT GIT 2.13.5 \n * GIT GIT 2.13.6 \n * GIT GIT 2.13.7 \n * GIT GIT 2.14.0 \n * GIT GIT 2.14.1 \n * GIT GIT 2.14.2 \n * GIT GIT 2.14.3 \n * GIT GIT 2.14.4 \n * GIT GIT 2.14.5 \n * GIT GIT 2.15.0 \n * GIT GIT 2.15.1 \n * GIT GIT 2.15.2 \n * GIT GIT 2.15.3 \n * GIT GIT 2.16.0 \n * GIT GIT 2.16.3 \n * GIT GIT 2.16.4 \n * GIT GIT 2.16.5 \n * GIT GIT 2.17.0 \n * GIT GIT 2.17.1 \n * GIT GIT 2.17.2 \n * GIT GIT 2.18.0 \n * GIT GIT 2.18.1 \n * GIT GIT 2.19.0 \n * GIT GIT 2.19.1 \n * GIT GIT 2.19.2 \n * GIT GIT 2.19.3 \n * GIT GIT 2.2.0 \n * GIT GIT 2.2.1 \n * GIT GIT 2.20.0 \n * GIT GIT 2.20.1 \n * GIT GIT 2.21.0 \n * GIT GIT 2.22.0 \n * GIT GIT 2.22.1 \n * GIT GIT 2.23.0 \n * GIT GIT 2.24.0 \n * GIT GIT 2.3.0 \n * GIT GIT 2.3.1 \n * GIT GIT 2.3.10 \n * GIT GIT 2.3.2 \n * GIT GIT 2.3.3 \n * GIT GIT 2.3.4 \n * GIT GIT 2.3.5 \n * GIT GIT 2.3.6 \n * GIT GIT 2.3.7 \n * GIT GIT 2.3.8 \n * GIT GIT 2.3.9 \n * GIT GIT 2.4.1 \n * GIT GIT 2.4.10 \n * GIT GIT 2.4.12 \n * GIT GIT 2.4.2 \n * GIT GIT 2.4.3 \n * GIT GIT 2.4.4 \n * GIT GIT 2.4.5 \n * GIT GIT 2.4.6 \n * GIT GIT 2.4.7 \n * GIT GIT 2.4.8 \n * GIT GIT 2.4.9 \n * GIT GIT 2.5.0 \n * GIT GIT 2.5.1 \n * GIT GIT 2.5.2 \n * GIT GIT 2.5.3 \n * GIT GIT 2.5.4 \n * GIT GIT 2.5.6 \n * GIT GIT 2.6.0 \n * GIT GIT 2.6.1 \n * GIT GIT 2.6.7 \n * GIT GIT 2.7.0 \n * GIT GIT 2.7.1 \n * GIT GIT 2.7.5 \n * GIT GIT 2.7.6 \n * GIT GIT 2.8.0 \n * GIT GIT 2.8.5 \n * GIT GIT 2.8.6 \n * GIT GIT 2.9.0 \n * GIT GIT 2.9.4 \n * GIT GIT 2.9.5 \n * Ubuntu Ubuntu Linux 16.04 LTS \n * Ubuntu Ubuntu Linux 18.04 LTS \n * Ubuntu Ubuntu Linux 19.04 \n * Ubuntu Ubuntu Linux 19.10 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "edition": 2, "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Git CVE-2019-19604 Arbitrary Code Execution Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvel
