Lucene search

10048 matches found

Fedora
added 2017/11/28 4:30 p.m., 36 views

[SECURITY] Fedora 26 Update: git-2.13.6-2.fc26

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used with a small amount of dependencies. To install all git packages,...

5.5 CVSS, 2.4 AI score, 0.00446 EPSS
Exploits 1

Wallarm Lab
added 2017/11/26 6:47 p.m., 26 views

HOWTO: Prevent your AWS credentials and other secrets from being exposed in code repositories

Uber had AWS credentials exposed on GitHub. As thousands of other companies do. It has been known for a while that nuggets such as private keys and credentials can be found with the GitHub search functionality or with Google dorks so looking for sensitive information in GitHub repositories is not...

7 AI score
Exploits 0

Fedora
added 2017/11/24 11:14 p.m., 9 views

[SECURITY] Fedora 25 Update: rpkg-1.51-2.fc25

Python library for interacting with rpm+git...

2.3 AI score
Exploits 0

Fedora
added 2017/11/24 11:14 p.m., 10 views

[SECURITY] Fedora 25 Update: fedpkg-1.30-4.fc25

Provides the fedpkg command for working with dist-git...

1.9 AI score
Exploits 0

Fedora
added 2017/11/23 7:46 p.m., 13 views

[SECURITY] Fedora 26 Update: rpkg-1.51-2.fc26

Python library for interacting with rpm+git...

2.3 AI score
Exploits 0

Fedora
added 2017/11/23 7:46 p.m., 17 views

[SECURITY] Fedora 26 Update: fedpkg-1.30-4.fc26

Provides the fedpkg command for working with dist-git...

1.9 AI score
Exploits 0

OpenVAS
added 2017/11/23 12:00 a.m., 20 views

Fedora Update for git FEDORA-2017-2c7ddf53d3

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5 CVSS, 5.9 AI score, 0.00446 EPSS
Exploits 1, References 2

OpenVAS
added 2017/11/23 12:00 a.m., 22 views

Fedora Update for git-annex FEDORA-2017-fb1ae91f46

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 8.2 AI score, 0.00274 EPSS
Exploits 11, References 2

Fedora
added 2017/11/21 11:41 p.m., 27 views

[SECURITY] Fedora 27 Update: git-2.14.3-2.fc27

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used with a small amount of dependencies. To install all git packages,...

5.5 CVSS, 2.4 AI score, 0.00446 EPSS
Exploits 1

Fedora
added 2017/11/21 11:37 p.m., 10 views

[SECURITY] Fedora 27 Update: rpkg-1.51-2.fc27

Python library for interacting with rpm+git...

2.3 AI score
Exploits 0

Fedora
added 2017/11/21 11:37 p.m., 7 views

[SECURITY] Fedora 27 Update: fedpkg-1.30-4.fc27

Provides the fedpkg command for working with dist-git...

1.9 AI score
Exploits 0

Fedora
added 2017/11/14 3:34 p.m., 35 views

[SECURITY] Fedora 27 Update: git-annex-6.20170925-3.fc27

Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...

8.8 CVSS, 0.6 AI score, 0.00274 EPSS
Exploits 11

Mageia
added 2017/11/07 1:49 p.m., 32 views

Updated git packages fix security vulnerability

The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations, which can be an OS Command Injection vulnerability (CVE-2017-14867)...

9 CVSS, 1.7 AI score, 0.06534 EPSS
Exploits 0, References 2

OSV
added 2017/11/07 1:49 p.m., 5 views

MGASA-2017-0404 Updated git packages fix security vulnerability

The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations, which can be an OS Command Injection vulnerability (CVE-2017-14867)...

9 CVSS, 8.5 AI score, 0.06534 EPSS
Exploits 0, References 3

RedhatCVE
added 2017/11/07 1:19 p.m., 32 views

CVE-2017-15298

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to...

5.5 CVSS, 4.8 AI score, 0.00446 EPSS
Exploits 1, References 2

CNVD
added 2017/11/07 12:00 a.m., 3 views

CloudBees Jenkins Git Client Plugin Information Disclosure Vulnerability

CloudBees Jenkins (formerly known as Hudson Labs) is a set of Java-based continuous integration tools developed by the US company CloudBees. It is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Git...

3.3 CVSS, 6.9 AI score, 0.00007 EPSS
Exploits 0, References 1

RedhatCVE
added 2017/11/03 9:49 a.m., 23 views

CVE-2017-1000242

Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure...

4.4 CVSS, 1.2 AI score, 0.00007 EPSS
Exploits 0, References 2

BDU FSTEC
added 2017/11/03 12:00 a.m., 1 views

The vulnerability of the distributed Git version control system, related to insufficient validation of input data, allows a hacker to execute arbitrary operating system commands.

The vulnerability of the distributed Git version control system is related to the use of insecure Perl scripts for supporting subcommands such as cvsserver. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands on behalf of the git user remotely...

9 CVSS, 7.7 AI score, 0.06534 EPSS
Exploits 0, References 9, Affected Software 2

Amazon
added 2017/11/02 12:00 a.m., 36 views

Medium: golang

Issue Overview: Arbitrary code execution during go get or go get -d: Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points ...

9.8 CVSS, 8 AI score, 0.02846 EPSS
Exploits 0

NVD
added 2017/11/01 1:29 p.m., 15 views

CVE-2017-1000242

Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure...

3.3 CVSS, 3.8 AI score, 0.00007 EPSS
Exploits 0, References 2