53 matches found
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0053
An update of 'git' packages of Photon OS has been released...
MGASA-2018-0267 Updated git packages fix security vulnerabilities
It was possible to trick the code that sanity-checks paths on NTFS into reading random piece of memory CVE-2018-11233. Submodule "names" come from the untrusted .gitmodules file, but we blindly append them to $GITDIR/modules to create our on-disk repo paths. This means you can do bad things by...
MGASA-2017-0440 Updated git packages fix security vulnerability
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service memory consumption via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to...
MGASA-2017-0404 Updated git packages fix security vulnerability
The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations, which can be a OS Command Injection vulnerability CVE-2017-14867...
MGASA-2017-0266 Updated git packages fix security vulnerability
Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git submodules CVE-2017-1000117...
[slackware-security] git
New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/git-2.14.1-i586-1slack14.2.txz: Upgraded. Fixes security issues: A "ssh://..." URL can result in a "ssh"...
MGASA-2017-0153 Updated git packages fix security vulnerability
Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help" CVE-2017-8386...
MGASA-2016-0119 Updated git packages fix security vulnerability
There is a buffer overflow vulnerability possibly leading to remote code execution in git. It can happen while pushing or cloning a repository with a large filename or a large number of nested trees CVE-2016-2315, CVE-2016-2324. The git package has been updated to version 2.7.4, which fixes this...
Mandriva Linux Security Advisory : git (MDVSA-2015:169)
Updated git packages fix security vulnerability : It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the .git/config file when the client performed a git pull. Because git permitted committing .Git/config or any case variation, on the pu...
MGASA-2014-0546 Updated git packages fix security vulnerability
It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the .git/config file when the client performed a "git pull". Because git permitted committing .Git/config or any case variation, on the pull this would replace the user's .git/config. If...
openSUSE Security Update : git (openSUSE-SU-2013:0380-1)
git imap-send was fixed to do SSL host verification. This can be disabled if necessary in the config file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-170. The text descripti...
Slackware Advisory SSA:2009-051-02 git
The remote host is missing an update as announced via advisory SSA:2009-051-02. OpenVAS Vulnerability Test $Id: esoftslkssa200905102.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
PT-2010-5655 · Git +1 · Git +1
Name of the Vulnerable Software and Affected Versions: Git versions prior to 1.7.2.1 git-email affected versions not specified gitk affected versions not specified git-svn affected versions not specified git-arch affected versions not specified gitweb affected versions not specified git-cvs...