87 matches found
Information disclosure
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
UBUNTU-CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex (CVE-2018-10859) is vulnerable to Information Exposure when decrypting files. A malicious server on a special remote could trick git-annex into decrypting data encrypted to the user’s gpg key, exposing encrypted data not stored in git-annex. Public advisories show fixes in git-annex aro...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
Fedora Update for git-annex FEDORA-2018-7e8c49a451
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for git-annex FEDORA-2018-e22c8eb218
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : git-annex (2018-7e8c49a451)
Update to 6.20180626 Security fix for CVE-2018-10857 and CVE-2018-10859 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introduci...
[SECURITY] Fedora 28 Update: git-annex-6.20180626-1.fc28
Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...
[SECURITY] Fedora 27 Update: git-annex-6.20180626-1.fc27
Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...
Security update for git-annex (moderate)
This update for git-annex to version 6.20180626 fixes the following issues: - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...
Security update for git-annex (moderate)
This update for git-annex to version 6.20180626 fixes the following issues: - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...
openSUSE Security Update : git-annex (openSUSE-2018-697)
This update for git-annex to version 6.20180626 fixes the following issues : - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...
openSUSE: Security Advisory for git-annex (openSUSE-SU-2018:1896-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PT-2018-10145
Name of the Vulnerable Software and Affected Versions git-annex affected versions not specified Description The issue concerns a private data exposure and exfiltration attack in git-annex. It could expose the content of files located outside the git-annex repository or content from a private web...
PT-2018-10146
Name of the Vulnerable Software and Affected Versions git-annex affected versions not specified Description The issue concerns an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG...
[ASA-201807-2] git-annex: multiple issues
Arch Linux Security Advisory ASA-201807-2 ========================================= Severity: High Date : 2018-07-04 CVE-ID : CVE-2018-10857 CVE-2018-10859 Package : git-annex Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-725 Summary ======= The package git-annex...