1764 matches found
emacs, mercurial security update
CentOS Errata and Security Advisory CESA-2017:2489 An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
asterisk -- Unauthorized data disclosure and shell access command injection in app_minivm
The Asterisk project reports: AST-2017-005 - A change was made to the strict RTP support in the RTP stack to better tolerate late media when a reinvite occurs. When combined with the symmetric RTP support this introduced an avenue where media could be hijacked. Instead of only learning a new...
CentOS 7 : git (CESA-2017:2484)
An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
mod_dav_svn, subversion security update
CentOS Errata and Security Advisory CESA-2017:2480 An update for subversion is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
emacs, git, gitk, gitweb, perl security update
CentOS Errata and Security Advisory CESA-2017:2484 An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Scientific Linux Security Update : git on SL7.x x86_64 (20170817)
Security Fixes : - A shell command injection flaw related to the handling of 'ssh' URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a 'clone' action on a malicious...
Scientific Linux Security Update : subversion on SL7.x x86_64 (20170816)
Security Fixes : - A shell command injection flaw related to the handling of 'svn+ssh' URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for example when performing a 'checkout' or...
Scientific Linux Security Update : mercurial on SL7.x x86_64 (20170817)
Security Fixes : - A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a series of commits mixing symlinks and regular files/directories to trick Mercurial into writing outside of a given repository. CVE-2017-10001...
Debian DLA-1061-1 : newsbeuter security update
Jeriko One discovered that newsbeuter, a text-mode RSS feed reader, did not properly escape the title and description of a news article when bookmarking it. This allowed a remote attacker to run an arbitrary shell command on the client machine. For Debian 7 'Wheezy', these problems have been fixe...
MGASA-2017-0284 Updated cvs package fixes security vulnerability
It was discovered that CVS, a centralised version control system, did not correctly handle maliciously constructed repository URLs, which allowed an attacker to run an arbitrary shell command CVE-2017-12836...
Updated cvs package fixes security vulnerability
It was discovered that CVS, a centralised version control system, did not correctly handle maliciously constructed repository URLs, which allowed an attacker to run an arbitrary shell command CVE-2017-12836...
[SECURITY] [DSA 3947-1] newsbeuter security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3947-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 18, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3947-1] newsbeuter security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3947-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 18, 2017 https://www.debian.org/security/faq -...
Scientific Linux Security Update : git on SL6.x i386/x86_64 (20170817)
Security Fixes : - A shell command injection flaw related to the handling of 'ssh' URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a 'clone' action on a malicious...
CentOS Update for emacs-git CESA-2017:2485 centos6
Check the version of emacs-git SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882761";...
RHEL 7 : mercurial (RHSA-2017:2489)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2489 advisory. Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Securi...
Oracle Linux 6 : git (ELSA-2017-2485)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2485 advisory. 1.7.1-9 - prevent command injection via malicious ssh URLs Resolves: CVE-2017-1000117 Tenable has extracted the preceding description block directly from the...
Important: Red Hat Security Advisory: rh-git29-git security update
An update for rh-git29-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
git: Command injection via malicious ssh URLs
A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimat...
Important: Red Hat Security Advisory: mercurial security update
An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...