SUSE SLES12 Security Update : git (SUSE-SU-2017:1357-1)

This update for git fixes the following issues : - git 2.12.3 : - CVE-2017-8386: Fix git-shell not to escape with the starting dash name bsc1038395 - Fix for potential segv introduced in v2.11.0 and later - Misc fixes and cleanups. - git 2.12.2 : - CLI output fixes - 'Dump http' transport fixes -...

Arbitrary shell execution

Security Advisory - This release contains a fix for a security advisory related to the improper handling of a shell command - A properly crafted filename would allow for arbitrary code execution when using the --filter=gitmodified command line option - All version 3 users are encouraged to upgrad...

Fedora 25 : git (2017-f4319b6dfc)

An issue in git-shell could allow remote users to run an interactive pager. From the update announcement : ... fix a recently disclosed problem with 'git shell', which may allow a user who comes over SSH to run an interactive pager by causing it to spawn 'git upload-pack --help' CVE-2017-8386. Th...

[SECURITY] Fedora 25 Update: git-2.9.4-1.fc25

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages,...

Ubuntu: Security Advisory (USN-3287-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for git FEDORA-2017-f4319b6dfc

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-201705-14] git: access restriction bypass

Arch Linux Security Advisory ASA-201705-14 ========================================== Severity: High Date : 2017-05-12 CVE-ID : CVE-2017-8386 Package : git Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-267 Summary ======= The package git before version...

Security fix for the ALT Linux 10 package git version 2.10.3-alt1

May 11, 2017 Dmitry V. Levin 2.10.3-alt1 - 2.10.2 - 2.10.3 fixes: CVE-2017-8386...

Debian DSA-3848-1 : git - security update

Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn 'git upload-pack --help'. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

Debian DLA-938-1 : git security update

Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn 'git upload-pack --help'. For Debian 7 'Wheezy', these problems have been fixed in version 1:1.7.10.4-1+wheezy4. We...

[SECURITY] [DSA 3848-1] git security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3848-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 10, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3848-1] git security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3848-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 10, 2017 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3848-1 (git - security update)

Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn OpenVAS Vulnerability Test $Id: deb3848.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3848-1...

DLA-938-1 git - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3848-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Atlassian SourceTree 2.5c Client URL Handler Command Injection

Author: redrain, hongyu-sat360.cn Date: 2017-03-02 Version:2.5c and prior Platform: macOS, Windows, Linux Desktop Site: https://www.sourcetreeapp.com Vendor: Atlassian Vendor Notified: 2017-03-02 Technical Details: ======================================== SourceTree v2.5c and prior are affected b...

x86 to LLVM Bitcode Translation Framework: McSema

x86 to LLVM Bitcode Translation Framework McSema lifts x86 and amd64 binaries to LLVM bitcode modules. McSema support both Linux and Windows binaries, and most x86 and amd64 instructions, including integer, FPU, and SSE operations. McSema is separated into two conceptual parts: control flow...

EulerOS 2.0 SP1 : git (EulerOS-SA-2016-1009)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain...

kaosx.tk XSS vulnerability

Vulnerable URL: http://kaosx.tk/packages/pkg-ls.php?package=git-2.12.0-1-x8664.pkg.tar.xz"';--=build Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1470670 VIP website status:| No...

Null pointer dereference

The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...