Git 'path_name()' heap buffer overflow vulnerability (CNVD-2016-01735)

Git is a free, open source distributed version control system. A security vulnerability exists in versions of Git prior to 2.7.1, which can be exploited by an attacker to cause a denial of service heap buffer overflow...

openSUSE Security Update : git (openSUSE-2016-355)

This update for git fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code CVE-2016-2315, CVE-2016-2324, bsc971328. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

openSUSE: Security Advisory for git (openSUSE-SU-2016:0802-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for git (important)

This update for git fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code CVE-2016-2315, CVE-2016-2324, bsc971328...

v2. 7. 1 The following version of the Git in the presence of vulnerabilities, or may lead to remote code execution-vulnerability warning-the black bar safety net

It is understood that the security researchers in 2. 7. 1 version before all versions of the Git found a security vulnerability in its server and client are the presence of this vulnerability. An attacker can exploit this vulnerability to cause the target system to a buffer overflow, resulting in...

SUSE SLES12 Security Update : git (SUSE-SU-2016:0796-1)

This update for git fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code CVE-2016-2315, CVE-2016-2324, bsc971328. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable...

Security fix for the ALT Linux 10 package git version 2.6.5-alt3

March 17, 2016 Dmitry V. Levin 2.6.5-alt3 - Merged jk/path-name-safety-2.6 fixes CVE‑2016‑2315 and CVE-2016-2324; closes: 31896...

FreeBSD : git -- potential code execution (93ee802e-ebde-11e5-92ce-002590263bf5)

Debian reports : 'int' is the wrong data type for ... nlen assignment. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors Redistribution a...

Security fix for the ALT Linux 8 package git version 2.6.5-alt3

March 17, 2016 Dmitry V. Levin 2.6.5-alt3 - Merged jk/path-name-safety-2.6 fixes CVE‑2016‑2315 and CVE-2016-2324; closes: 31896...

SUSE: Security Advisory for git (SUSE-SU-2016:0796-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2016:0796-1 Security update for git

This update for git fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code CVE-2016-2315, CVE-2016-2324, bsc971328...

[slackware-security] git

New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/git-2.7.3-i486-1slack14.1.txz: Upgraded. Fixed buffer overflows allowing server and client side remote code...

UBUNTU-CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

Git 版本<=2.7.1 远程代码执行漏洞

参考来源： http://seclists.org/oss-sec/2016/q1/645 Hello, original report describing the overflow is here http://pastebin.com/UX2P2jjg On 11/02/2016 16:50, Jeff King wrote this on the git security mailing list: On Thu, Feb 11, 2016 at 02:31:49PM +0100, 'Laël Cellier' via Git Security wrote: Ok the bug...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : git (SSA:2016-075-01)

New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2016-075-01. The text itself...

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

UBUNTU-CVE-2016-2324

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, which triggers a heap-based buffer overflow...

CVE-2016-2324

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, which triggers a heap-based buffer overflow...

Fedora 22 : git-2.4.3-7.fc22 (2015-cf767c77c1)

git-2.1.0-6.fc21 - fix arbitrary code execution via crafted URLs Resolves: 1269797 git-2.4.3-7.fc22 - fix arbitrary code execution via crafted URLs Resolves: 1269797 git-2.5.0-2.fc23 - fix arbitrary code execution via crafted URLs Resolves: 1269797 Note that Tenable Network Security has extracted...

Fedora 23 : git-2.5.0-2.fc23 (2015-05b74288af)

git-2.1.0-6.fc21 - fix arbitrary code execution via crafted URLs Resolves: 1269797 git-2.4.3-7.fc22 - fix arbitrary code execution via crafted URLs Resolves: 1269797 git-2.5.0-2.fc23 - fix arbitrary code execution via crafted URLs Resolves: 1269797 Note that Tenable Network Security has extracted...