136 matches found
OPENSUSE-SU-2021:3300-1 Security update for git
This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...
SUSE-SU-2021:3300-1 Security update for git
This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...
openSUSE Security Update : git (openSUSE-2021-405)
This update for git fixes the following issues : - On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS, Git could be fooled into running remote code during a clone. bsc1183026, CVE-2021-21300...
CVE-2020-28086
pass through 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the password. If an attacker controls the central Git server or one of the other members' machines, a...
FreeBSD : malicious URLs can cause git to send a stored credential to wrong server (67765237-8470-11ea-a283-b42e99a1b9c3)
git security advisory reports : Git uses external 'credential helper' programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially crafted URLs that are considered illegal as of the recently published Git versions can cause Git to...
OPENSUSE-SU-2020:0598-1 Security update for git
This update for git fixes the following issues: Security issues fixed: CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted bsc1169936 git was updated to 2.26.1...
Important: Red Hat Security Advisory: git security update
An update for git is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
Fedora 31 : git (2020-cdef88bb89)
Security fix for CVE-2020-5260 From the upstream release notes : With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value pass...
OPENSUSE-SU-2020:0524-1 Security update for git
This update for git fixes the following issues: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host bsc1168930. This update was imported from the SUSE:SLE-15:Update update project...
Security update for git (important)
openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0524-1 Rating: important References: 1168930 Cross-References: CVE-2020-5260 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for git fixes th...
SUSE-SU-2020:0991-1 Security update for git
This update for git fixes the following issues: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host bsc1168930...
Important: Red Hat Security Advisory: git security update
An update for git is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
git security update
1.8.3.1-21 - Fix CVE-2019-1387...
SUSE-SU-2019:3311-1 Security update for git
This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice bsc1158787. - CVE-2019-19604: Fixed a recursive clone...
CVE-2019-19604
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository...
CVE-2019-19604
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository...
Important: git
Issue Overview: Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the runcommand API and run-command.c, because there was a dangerous change from execvp to execv during 2017.CVE-2018-19486 Affecte...
Important: Red Hat Security Advisory: rh-git29-git security update
An update for rh-git29-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: git
Issue Overview: Git before 2.14.5, allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.CVE-2018-17456 Affected Packages: git Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
SUSE-SU-2018:1566-2 Security update for git
This update for git fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory bsc1095218 - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository bsc1095219...