DSA-3206-1 dulwich - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3206-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2015:0834-1 Security update for emacs

Emacs has been updated to fix the following issues: Several cases of insecure usage of temporary files. CVE-2014-3421, CVE-2014-3422, CVE-2014-3423, CVE-2014-3424 Use of vc-annotate for renamed files when using Git. bnc854683 Security Issues: CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-342...

Apple Xcode < 6.2 (Mac OS X)

The Apple Xcode installed on the remote Mac OS X host is prior to version 6.2. It is, therefore, affected by the following vulnerabilities : - Numerous errors exist related to the bundled version of Apache Subversion. CVE-2014-3522, CVE-2014-3528, CVE-2014-3580, CVE-2014-8108 - An error exists...

Gogs (Go Git Service) Detection (HTTP)

HTTP based detection of Gogs Go Git Service. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Authentication fails on Push to Stash

When I attempt to Push commit of a few dozen files to the Stash-hosted Git repository, I receive the attached error indicating an authentication failure...

Authentication fails on Push to Stash

When I attempt to Push commit of a few dozen files to the Stash-hosted Git repository, I receive the attached error indicating an authentication failure...

openSUSE Security Update : patch (openSUSE-SU-2015:0199-1)

This update fixes the following security issue : + Security fix for a directory traversal flaw when handling git-style patches. This could allow an attacker to overwrite arbitrary files by applying a specially crafted patch. boo913678 CVE-2015-1196 This update fixes the following issues : + When ...

openSUSE Security Update : git (openSUSE-SU-2015:0159-1)

This update fixes the following security issue : - CVE-2014-9390: arbitrary command execution vulnerability on case-insensitive file system bnc910756 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

CVE-2015-1395

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. dot dot in a diff file name...

Ubuntu: Security Advisory (USN-2470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-1196

GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...

Git Client Path Validation Command Execution (CVE-2014-9390)

A command execution vulnerability exists in the Git client. The vulnerability is due to insufficient validation of allowed check-in paths. A remote attacker could exploit this vulnerability by enticing a user to checkout a crafted git repository, or by checking-in maliciously crafted commits to a...

Apple Xcode < 6.2 beta 3 .git/config Command Execution (Mac OS X) (deprecated)

The remote Mac OS X host has a version of Apple Xcode prior to 6.2 beta 3. It is, therefore, affected by a remote command execution vulnerability when processing git trees in a case-insensitive or case-normalizing file system. A remote attacker, using a specially crafted git tree, can overwrite a...

USN-2470-1 git vulnerability

Matt Mackall and Augie Fackler discovered that Git incorrectly handled certain filesystem paths. A remote attacker could possibly use this issue to execute arbitrary code if the Git tree is stored in an HFS+ or NTFS filesystem. The remote attacker would need write access to a Git repository that...

USN-2470-1: Git vulnerability

Matt Mackall and Augie Fackler discovered that Git incorrectly handled certain filesystem paths. A remote attacker could possibly use this issue to execute arbitrary code if the Git tree is stored in an HFS+ or NTFS filesystem. The remote attacker would need write access to a Git repository that...

Ubuntu 14.04 LTS : Git vulnerability (USN-2470-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2470-1 advisory. Matt Mackall and Augie Fackler discovered that Git incorrectly handled certain filesystem paths. A remote attacker could possibly use this issue to execute...

Redmine plugin redmine_git_hosting arbitrary command execution vulnerability

Redmine is the open source project management web application . An arbitrary command execution vulnerability exists in the Redmine plugin redminegithosting, which allows remote attackers to exploit the vulnerability to execute arbitrary commands...

Malicious Git And Mercurial HTTP Server For CVE-2014-9390

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Malicious Git and Mercurial HTTP Server For CVE-2014-9390', 'Description' = %q This module exploits CVE-2014-9390, which affects Git...

Microsoft Visual Studio .git\config Command Execution

The version of Visual Studio installed on the remote host is affected by a command execution vulnerability when processing specially crafted git trees in a case-insensitive or case-normalizing file system. A remote attacker, using a specially crafted git tree, can overwrite a user's '.git/config'...