148 matches found
Input validation
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation...
CVE-2021-36377
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation...
CVE-2021-36377
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation...
CVE-2021-36377
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation...
CVE-2021-36377
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation...
CVE-2021-36377
CVE-2021-36377 affects Fossil prior to 2.14.2 and 2.15.x before 2.15.2, where TLS hostname verification can be bypassed due to hostname checks being skipped during certificate validation. Impact: potential MITM spoofing of Fossil repositories and information disclosure. Remediation: upgrade Fossi...
CVE-2021-36377
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation...
Fossil 信任管理问题漏洞
Fossil is a simple, highly reliable distributed software configuration management system. A security vulnerability exists in Fossil that stems from a hostname check that is commonly skipped during certificate validation. This issue affects: versions prior to 2.15, versions prior to 2.14. No detai...
Friday Squid Blogging: Fossil of Squid Eating and Being Eaten
We now have a fossil of a squid eating a crustacean while it is being eaten by a shark. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Friday Squid Blogging: 500-Million-Year-Old Cephalopod
The oldest known cephalopod -- the ancestor of all modern octopuses, squid, cuttlefish and nautiluses -- is 500 million years old. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Friday Squid Blogging: Vampire Squid Fossil
A 30-million-year-old vampire squid fossil was found, lost, and then re-found in Hungary. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Fedora 32 : fossil (2020-50be892d25)
Upgrade to fossil 2.12.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Securit...
Fedora 33 : fossil (2020-ac6cf99f87)
Upgrade to fossil 2.12.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Securit...
[SECURITY] Fedora 33 Update: fossil-2.12.1-1.fc33
Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface...
[SECURITY] Fedora 32 Update: fossil-2.12.1-1.fc32
Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface...
Fedora: Security Advisory for fossil (FEDORA-2020-50be892d25)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for fossil (FEDORA-2020-ac6cf99f87)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fossil: Multiple vulnerabilities
Background Fossil is a simple, high-reliability, distributed software configuration management system. Description Multiple vulnerabilities have been discovered in Fossil. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a...
GLSA-202011-04 : Fossil: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202011-04 Fossil: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Fossil. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially...
openSUSE Security Update : fossil (openSUSE-2020-1478)
This update for fossil fixes the following issues : - fossil 2.12.1 : - CVE-2020-24614: Remote authenticated users with check-in or administrative privileges could have executed arbitrary code boo1175760 - Security fix in the 'fossil git export' command. New 'safety-net' features were added to...