CVE-2015-7545

The 1 git-remote-ext and 2 unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a a .gitmodules file ...

CVE-2015-7545

The CVE-2015-7545 issue affects Git’s remote helpers (notably git-remote-ext) and other remote helpers. Git prior to 2.3.10, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.4, and 2.6.x prior to 2.6.1 do not properly restrict allowed protocols, which could let remote attackers execute arbitrary code vi...

CVE-2015-7545

The 1 git-remote-ext and 2 unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a a .gitmodules file ...

openSUSE: Security Advisory for mercurial (openSUSE-SU-2016:1016-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for mercurial (important)

mercurial was updated to fix three security issues. These security issues were fixed: - CVE-2016-3069: Arbitrary code execution when converting Git repos bsc973176. - CVE-2016-3068: Arbitrary code execution with Git subrepos bsc973177. - CVE-2016-3630: Remote code execution in binary delta decodi...

CVE-2016-2324

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, which triggers a heap-based buffer overflow...

DEBIAN-CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

Integer overflow

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, which triggers a heap-based buffer overflow...

Heap overflow

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

CVE-2016-2315

CVE-2016-2315 : Git before 2.7.4 contains an integer truncation/overrun in revision.c that can cause a heap-based buffer overflow when handling crafted path information (e.g., long filenames or many nested trees). This may allow remote code execution. A fix is to update Git to version 2.7.4 or la...

CVE-2016-2324

CVE-2016-2324 affects Git prior to 2.7.4. A heap-based buffer overflow is triggered by path-related inputs (e.g., long filenames or deeply nested trees), enabling remote code execution. Public advisories from Debian, Ubuntu, Arch, CentOS, and Cloud Foundry reference two related buffer-overflow vu...

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

CVE-2016-2324

Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, which triggers a heap-based buffer overflow...

openSUSE Security Update : git (openSUSE-2016-428)

This update of git to 2.6.6 fixes the following issues : - Update to git-2.6.6 including the official upstream fixes for the previous security issues CVE-2016-2315,CVE-2016-2324,boo971328 : See the release rotes for other details Documentation/RelNotes/2.6.3.txt Documentation/RelNotes/2.6.4.txt...

Oracle: Security Advisory (ELSA-2016-0496)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 22 Update: git-2.4.11-1.fc22

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs the core tools with minimal dependencies. To install all git packages, including tools for integrating with...

Updated git packages fix security vulnerability

There is a buffer overflow vulnerability possibly leading to remote code execution in git. It can happen while pushing or cloning a repository with a large filename or a large number of nested trees CVE-2016-2315, CVE-2016-2324. The git package has been updated to version 2.7.4, which fixes this...

Amazon Linux AMI : git (ALAS-2016-672)

An integer truncation flaw CVE-2016-2315 and an integer overflow flaw CVE-2016-2324, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or serve...

RedHat Update for git RHSA-2016:0496-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...