10048 matches found

Tenable Nessus
added 2017/12/11 12:0 a.m. | 30 views

Fedora 25 : git (2017-cdfd888e2e)

Previous versions of git mishandled layers of tree objects, which allowed remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attem...

CVSS 5.5 | AI score 6.3 | EPSS 0.00446
Exploits: 1 | References: 2

Fedora
added 2017/12/09 4:58 a.m. | 32 views

[SECURITY] Fedora 25 Update: git-2.9.5-3.fc25

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used with a small amount of dependencies. To install all git packages,...

CVSS 5.5 | AI score 2.4 | EPSS 0.00446
Exploits: 1

OpenVAS
added 2017/12/09 12:0 a.m. | 34 views

Fedora Update for git FEDORA-2017-cdfd888e2e

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 5.9 | EPSS 0.00446
Exploits: 1 | References: 2

Veracode
added 2017/12/08 2:42 a.m. | 19 views

Arbitrary Code Execution

mercurial is susceptible to arbitrary code execution attacks. The attacker can run arbitrary code in Git subrepositories through a .git/hooks/post-update script checked into the repository after creating a malicious mercurial repository...

CVSS 9.8 | AI score 9.4 | EPSS 0.17249
Exploits: 0 | References: 11 | Affected Software: 1

OSV
added 2017/12/07 6:29 p.m. | 27 views

PYSEC-2017-90

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 10 | AI score 1.9 | EPSS 0.17249
Exploits: 0 | References: 9

Prion
added 2017/12/07 6:29 p.m. | 19 views

Code injection

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 10 | AI score 9.3 | EPSS 0.17249
Exploits: 0 | References: 9 | Affected Software: 2

PyPA
added 2017/12/07 6:29 p.m. | 4 views

PYSEC-2017-90

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 10 | AI score 7.4 | EPSS 0.17249
Exploits: 0 | References: 9 | Affected Software: 1

OSV
added 2017/12/07 6:29 p.m. | 1 views

DEBIAN-CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 9.8 | AI score 9.3 | EPSS 0.17249
Exploits: 0 | References: 1

OSV
added 2017/12/07 6:29 p.m. | 3 views

CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 9.8 | AI score 9.4
Exploits: 0 | References: 9

OSV
added 2017/12/07 6:29 p.m. | 1 views

UBUNTU-CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 9.8 | AI score 7 | EPSS 0.17249
Exploits: 0 | References: 5

UbuntuCve
added 2017/12/07 6:29 p.m. | 27 views

CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 10 | AI score 7 | EPSS 0.17249
Exploits: 0 | References: 4

ATTACKERKB
added 2017/12/07 6:29 p.m. | 4 views

CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 10 | AI score 5.9 | EPSS 0.17249
Exploits: 0 | References: 10

Debian CVE
added 2017/12/07 6:0 p.m. | 57 views

CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

CVSS 10 | AI score 7.9 | EPSS 0.17249
Exploits: 0

CVE
added 2017/12/07 6:0 p.m. | 105 views

CVE-2017-17458

CVE-2017-17458 affects Mercurial prior to 4.4.1. A specially malformed repository can cause Git subrepositories to execute arbitrary code via a checked-in .git/hooks/post-update script. This condition can occur despite typical Mercurial usage preventing such repositories, though they can be creat...

CVSS 10 | AI score 9 | EPSS 0.17249
Exploits: 0 | References: 9 | Affected Software: 1

OpenVAS
added 2017/12/04 12:0 a.m. | 26 views

Fedora Update for git FEDORA-2017-742be0e59c

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 5.9 | EPSS 0.00446
Exploits: 1 | References: 2

Kitploit
added 2017/12/03 1:30 p.m. | 11 views

WebDavC2 - A WebDAV C2 Tool

WebDavC2 is a PoC of using the WebDAV protocol with PROPFIND only requests to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actual C2 server. Architecture WebDavC2 is composed of: a controller, written in Python, which acts as t...

AI score 7.7
Exploits: 0 | References: 1

OSV
added 2017/12/01 11:13 p.m. | 4 views

MGASA-2017-0440 Updated git packages fix security vulnerability

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to...

CVSS 5.5 | AI score 6.1 | EPSS 0.00446
Exploits: 1 | References: 3

Mageia
added 2017/12/01 11:13 p.m. | 25 views

Updated git packages fix security vulnerability

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to...

CVSS 5.5 | AI score 4.7 | EPSS 0.00446
Exploits: 1 | References: 2

Hacker One
added 2017/12/01 3:32 a.m. | 55 views

Internet Bug Bounty: Mercurial git subrepo lead to arbitrary command injection

Hi IBB, I'd like to submit an issue that exists in Mercurial. It is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked in to the repository in Mercurial 4.4 and earlier. Typical use of Mercurial preven...

CVSS 10 | AI score 9.4 | EPSS 0.17249
Exploits: 0

Tenable Nessus
added 2017/11/29 12:0 a.m. | 26 views

Fedora 26 : git (2017-742be0e59c)

Previous versions of git mishandled layers of tree objects, which allowed remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attem...

CVSS 5.5 | AI score 6.3 | EPSS 0.00446
Exploits: 1 | References: 2