PT-2018-10146

Name of the Vulnerable Software and Affected Versions git-annex affected versions not specified Description The issue concerns an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG...

openSUSE: Security Advisory for git-annex (openSUSE-SU-2018:1896-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : git-annex (openSUSE-2018-697)

This update for git-annex to version 6.20180626 fixes the following issues : - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

[SECURITY] Fedora 28 Update: libgit2-0.26.4-1.fc28

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

[SECURITY] Fedora 27 Update: libgit2-0.26.4-1.fc27

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

[ASA-201807-2] git-annex: multiple issues

Arch Linux Security Advisory ASA-201807-2 ========================================= Severity: High Date : 2018-07-04 CVE-ID : CVE-2018-10857 CVE-2018-10859 Package : git-annex Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-725 Summary ======= The package git-annex...

SUSE-SU-2018:1872-1 Security update for git

This update for git to version 2.16.4 fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory bsc1095218 - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository bsc1095219...

EulerOS 2.0 SP3 : git (EulerOS-SA-2018-1216)

According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - arbitrary code execution when recursively cloning a malicious repository CVE-2018-11235 Note that Tenable Network Security has extracted the preceding...

EulerOS 2.0 SP2 : git (EulerOS-SA-2018-1215)

According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - arbitrary code execution when recursively cloning a malicious repository CVE-2018-11235 Note that Tenable Network Security has extracted the preceding...

CentOS 7 : git (CESA-2018:1957)

An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

[SECURITY] Fedora 28 Update: pass-1.7.2-1.fc28

Stores, retrieves, generates, and synchronizes passwords securely using gpg and git...

[SECURITY] Fedora 27 Update: pass-1.7.2-1.fc27

Stores, retrieves, generates, and synchronizes passwords securely using gpg and git...

CentOS Update for emacs-git CESA-2018:1957 centos7

Check the version of emacs-git SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882913";...

emacs, git, gitk, gitweb, perl security update

CentOS Errata and Security Advisory CESA-2018:1957 An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : git on SL7.x x86_64 (20180620)

Security Fixes : - git: arbitrary code execution when recursively cloning a malicious repository CVE-2018-11235 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid110655; scriptversion"1.7";...

git: arbitrary code execution when recursively cloning a malicious repository

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because...

Important: Red Hat Security Advisory: git security update

An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Oracle Linux 7 : git (ELSA-2018-1957)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1957 advisory. - Backport fix for CVE-2018-1123 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has no...

RHEL 7 : git (RHSA-2018:1957)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1957 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-serve...

git security update

1.8.3.1-14 - Backport fix for CVE-2018-1123 - Thanks to Jonathan Nieder for backporting to 2.1.x and to Steve Beattie for backporting to 1.9.1...