a-gpt (>=0.1.0 <=0.4.0), abacuz (=0.1.1) +887 more potentially affected by CVE-2023-22742 via git2 (>=0.10.0 <=0.16.0)

git2 CARGO version =0.10.0, =0.1.0, =1.1.0, =0.0.1, =0.3.0, =1.0.0, =0.1.0, =0.3.3 - amisgitpm =0.0.1 - amp =0.6.2 and more Source cves: CVE-2023-22742 Source advisory: OSV:GHSA-M4CH-RFV5-X5G3...

git2-rs fails to verify SSH keys by default

The git2 and libgit2-sys crates are Rust wrappers around the libgit2 C library. It was discovered that libgit2 1.5.0 and below did not verify SSH host keys when establishing an SSH connection, exposing users of the library to Man-In-the-Middle attacks. The libgit2 team assigned CVE-2023-22742 to...

RUSTSEC-2023-0003 git2 does not verify SSH keys by default

The git2 and libgit2-sys crates are Rust wrappers around the libgit2 C library. It was discovered that libgit2 1.5.0 and below did not verify SSH host keys when establishing an SSH connection, exposing users of the library to Man-In-the-Middle attacks. The libgit2 team assigned...

git2 does not verify SSH keys by default

The git2 and libgit2-sys crates are Rust wrappers around the libgit2 C library. It was discovered that libgit2 1.5.0 and below did not verify SSH host keys when establishing an SSH connection, exposing users of the library to Man-In-the-Middle attacks. The libgit2 team assigned...

RUSTSEC-2023-0002 git2 Rust package suppresses ssh host key checking

By default, when accessing an ssh repository ie via an ssh: git repository url the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for a an application to do meaningful checking itself. Impact When connecting to an ssh repository, and when an...

git2 Rust package suppresses ssh host key checking

By default, when accessing an ssh repository ie via an ssh: git repository url the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for a an application to do meaningful checking itself. Impact When connecting to an ssh repository, and when an...

[SECURITY] Fedora 34 Update: rust-asyncgit-0.16.3-3.fc34

Allow using git2 in a asynchronous context...

Linux Kernel 2.6.36-rc4-git2 (x86-64) - ia32syscall Emulation Privilege Escalation

Linux Kernel 2.6.36-rc4-git2 x86-64 - ia32syscall Emulation Privilege Escalation / exploit for x8664 linux kernel ia32syscall emulation again rediscovered by ben hawkes with help from robert swiecki and tavis ormandy original vulnerability discovered by Wojciech Purczynski original exploit by...