
10096 matches found

Debian CVE
added 2017/12/07 6:00 p.m., 57 views

CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 10, AI score 7.9, EPSS 0.17249
Exploits 0

CVE
added 2017/12/07 6:00 p.m., 105 views

CVE-2017-17458

CVE-2017-17458 affects Mercurial prior to 4.4.1. A specially malformed repository can cause Git subrepositories to execute arbitrary code via a checked-in .git/hooks/post-update script. This condition can occur despite typical Mercurial usage preventing such repositories, though they can be creat...

CVSS 10, AI score 9, EPSS 0.17249
Exploits 0, References 9, Affected Software 1

OpenVAS
added 2017/12/04 12:00 a.m., 26 views

Fedora Update for git FEDORA-2017-742be0e59c

The remote host is missing an update for the... [Script header: SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from the referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only]

CVSS 5.5, AI score 5.9, EPSS 0.00446
Exploits 1, References 2

Kitploit
added 2017/12/03 1:30 p.m., 11 views

WebDavC2 - A WebDAV C2 Tool

WebDavC2 is a PoC of using the WebDAV protocol with PROPFIND-only requests to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actual C2 server. Architecture: WebDavC2 is composed of: a controller, written in Python, which acts as t...

AI score 7.7
Exploits 0, References 1

OSV
added 2017/12/01 11:13 p.m., 5 views

MGASA-2017-0440 Updated git packages fix security vulnerability

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a "Git bomb". This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to...

CVSS 5.5, AI score 6.1, EPSS 0.00446
Exploits 1, References 3

Mageia
added 2017/12/01 11:13 p.m., 27 views

Updated git packages fix security vulnerability

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a "Git bomb". This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to...

CVSS 5.5, AI score 4.7, EPSS 0.00446
Exploits 1, References 2

Hacker One
added 2017/12/01 3:32 a.m., 56 views

Internet Bug Bounty: Mercurial git subrepo leads to arbitrary command injection

Hi IBB, I'd like to submit an issue that exists in Mercurial. It is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked in to the repository in Mercurial 4.4 and earlier. Typical use of Mercurial preven...

CVSS 10, AI score 9.4, EPSS 0.17249
Exploits 0

Tenable Nessus
added 2017/11/29 12:00 a.m., 26 views

Fedora 26 : git (2017-742be0e59c)

Previous versions of git mishandled layers of tree objects, which allowed remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a "git bomb". This can also have an impact of disk consumption; however, an affected process typically would not survive its attem...

CVSS 5.5, AI score 6.3, EPSS 0.00446
Exploits 1, References 2

Fedora
added 2017/11/28 4:30 p.m., 36 views

[SECURITY] Fedora 26 Update: git-2.13.6-2.fc26

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used, with a small number of dependencies. To install all git packages,...

CVSS 5.5, AI score 2.4, EPSS 0.00446
Exploits 1

Wallarm Lab
added 2017/11/26 6:47 p.m., 26 views

HOWTO: Prevent your AWS credentials and other secrets from being exposed in code repositories

Uber had AWS credentials exposed on GitHub, as thousands of other companies do. It has been known for a while that nuggets such as private keys and credentials can be found with the GitHub search functionality or with Google dorks, so looking for sensitive information in GitHub repositories is not...

AI score 7
Exploits 0

Fedora
added 2017/11/24 11:14 p.m., 10 views

[SECURITY] Fedora 25 Update: rpkg-1.51-2.fc25

Python library for interacting with rpm+git...

AI score 2.3
Exploits 0

Fedora
added 2017/11/24 11:14 p.m., 10 views

[SECURITY] Fedora 25 Update: fedpkg-1.30-4.fc25

Provides the fedpkg command for working with dist-git...

AI score 1.9
Exploits 0

Fedora
added 2017/11/23 7:46 p.m., 13 views

[SECURITY] Fedora 26 Update: rpkg-1.51-2.fc26

Python library for interacting with rpm+git...

AI score 2.3
Exploits 0

Fedora
added 2017/11/23 7:46 p.m., 20 views

[SECURITY] Fedora 26 Update: fedpkg-1.30-4.fc26

Provides the fedpkg command for working with dist-git...

AI score 1.9
Exploits 0

OpenVAS
added 2017/11/23 12:00 a.m., 20 views

Fedora Update for git FEDORA-2017-2c7ddf53d3

The remote host is missing an update for the... [Script header: SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from the referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only]

CVSS 5.5, AI score 5.9, EPSS 0.00446
Exploits 1, References 2

OpenVAS
added 2017/11/23 12:00 a.m., 23 views

Fedora Update for git-annex FEDORA-2017-fb1ae91f46

The remote host is missing an update for the... [Script header: SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from the referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only]

CVSS 8.8, AI score 8.2, EPSS 0.00274
Exploits 11, References 2

Fedora
added 2017/11/21 11:41 p.m., 27 views

[SECURITY] Fedora 27 Update: git-2.14.3-2.fc27

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used, with a small number of dependencies. To install all git packages,...

CVSS 5.5, AI score 2.4, EPSS 0.00446
Exploits 1

Fedora
added 2017/11/21 11:37 p.m., 10 views

[SECURITY] Fedora 27 Update: rpkg-1.51-2.fc27

Python library for interacting with rpm+git...

AI score 2.3
Exploits 0

Fedora
added 2017/11/21 11:37 p.m., 7 views

[SECURITY] Fedora 27 Update: fedpkg-1.30-4.fc27

Provides the fedpkg command for working with dist-git...

AI score 1.9
Exploits 0

Fedora
added 2017/11/14 3:34 p.m., 35 views

[SECURITY] Fedora 27 Update: git-annex-6.20170925-3.fc27

Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...

CVSS 8.8, AI score 0.6, EPSS 0.00274
Exploits 11