git: path sanity check in is_ntfs_dotgit() can read arbitrary memory

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory...

Important: Red Hat Security Advisory: rh-git29-git security update

An update for rh-git29-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

BST (Binary String Toolkit) - Quickly And Easily Convert Binary Strings For All Your Exploit Development Needs

The Binary String Toolkit or BST for short is a rather simple utility to convert binary strings to various formats suitable for later inclusions in source codes, such as those used to develop exploits in the security field. Features Dump files content to standard output in a binary string format...

Security update for git-annex (moderate)

This update for git-annex to version 6.20180626 fixes the following issues: - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

Security update for git-annex (moderate)

This update for git-annex to version 6.20180626 fixes the following issues: - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

PT-2018-10145

Name of the Vulnerable Software and Affected Versions git-annex affected versions not specified Description The issue concerns a private data exposure and exfiltration attack in git-annex. It could expose the content of files located outside the git-annex repository or content from a private web...

PT-2018-10146

Name of the Vulnerable Software and Affected Versions git-annex affected versions not specified Description The issue concerns an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG...

openSUSE: Security Advisory for git-annex (openSUSE-SU-2018:1896-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : git-annex (openSUSE-2018-697)

This update for git-annex to version 6.20180626 fixes the following issues : - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

[SECURITY] Fedora 28 Update: libgit2-0.26.4-1.fc28

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

[SECURITY] Fedora 27 Update: libgit2-0.26.4-1.fc27

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

[ASA-201807-2] git-annex: multiple issues

Arch Linux Security Advisory ASA-201807-2 ========================================= Severity: High Date : 2018-07-04 CVE-ID : CVE-2018-10857 CVE-2018-10859 Package : git-annex Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-725 Summary ======= The package git-annex...

SUSE-SU-2018:1872-1 Security update for git

This update for git to version 2.16.4 fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory bsc1095218 - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository bsc1095219...

EulerOS 2.0 SP3 : git (EulerOS-SA-2018-1216)

According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - arbitrary code execution when recursively cloning a malicious repository CVE-2018-11235 Note that Tenable Network Security has extracted the preceding...

EulerOS 2.0 SP2 : git (EulerOS-SA-2018-1215)

According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - arbitrary code execution when recursively cloning a malicious repository CVE-2018-11235 Note that Tenable Network Security has extracted the preceding...

CentOS 7 : git (CESA-2018:1957)

An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

[SECURITY] Fedora 28 Update: pass-1.7.2-1.fc28

Stores, retrieves, generates, and synchronizes passwords securely using gpg and git...

[SECURITY] Fedora 27 Update: pass-1.7.2-1.fc27

Stores, retrieves, generates, and synchronizes passwords securely using gpg and git...

CentOS Update for emacs-git CESA-2018:1957 centos7

Check the version of emacs-git SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882913";...

emacs, git, gitk, gitweb, perl security update

CentOS Errata and Security Advisory CESA-2018:1957 An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...