RedHat Update for git RHSA-2017:2485-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

git security update

1.7.1-9 - prevent command injection via malicious ssh URLs Resolves: CVE-2017-1000117...

PT-2017-3011

Name of the Vulnerable Software and Affected Versions Mercurial versions prior to 4.3 git-annex versions prior to 6.20170818 Description The issue is related to inadequate sanitization of hostnames passed to ssh, leading to possible shell-injection attacks. This could allow a remote attacker to...

RHEL 6 : git (RHSA-2017:2485)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2485 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-serve...

Important: Red Hat Security Advisory: git security update

An update for git is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

git: Command injection via malicious ssh URLs

A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimat...

git: Command injection via malicious ssh URLs

A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimat...

Important: Red Hat Security Advisory: git security update

An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

git security update

1.8.3.1-12 - prevent command injection via malicious ssh URLs Resolves: CVE-2017-1000117...

Git for Windows 2.7.x < 2.7.6 / 2.8.x < 2.8.6 / 2.9.x < 2.9.5 / 2.10.x < 2.10.4 / 2.11.x < 2.11.13 / 2.12.x < 2.12.4 / 2.13.x < 2.13.5 / 2.14.x < 2.14.1 Malicious SSH URL Command Execution

The version of Git for Windows installed on the remote host is version 2.7.x prior to 2.7.6, 2.8.x prior to 2.8.6, 2.9.x prior to 2.9.5, 2.10.x prior to 2.10.4, 2.11.x prior to 2.11.13, 2.12.x prior to 2.12.4, 2.13.x prior to 2.13.5, or 2.14.x prior to 2.14.1. It is, therefore, affected by a...

Exploit for Open Redirect in Git-Scm Git

PoC exploit for CVE-2017-1000117, a vulnerability in the way Git handles submodule initialization. The target is Git, a vulnerability class/vector of arbitrary file write, probable entry point is the Git submodule initialization process, notable dependency is Git, and execution context is a Git...

[SECURITY] Fedora 25 Update: git-2.9.5-1.fc25

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages,...

Fedora Update for git FEDORA-2017-b1b3ae6666

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : git (SSA:2017-223-01)

New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-223-01. The text...

Fedora 26 : git (2017-b1b3ae6666)

Resolve an arbitrary code execution vulnerability via crafted 'ssh://' URL CVE-2017-1000117. From the release announcement : A malicious third-party can give a crafted 'ssh://...' URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's...

Fedora Update for git FEDORA-2017-8ba7572cfd

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : git (2017-8ba7572cfd)

Resolve an arbitrary code execution vulnerability via crafted 'ssh://' URL CVE-2017-1000117. From the release announcement : A malicious third-party can give a crafted 'ssh://...' URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's...

SSH command injection Vulnerability(CVE-2017-1000117)analysis-vulnerability warning-the black bar safety net

0x01 vulnerability overview A malicious person can through the ingenious structure“ssh://...”link, and let the victim in the implementation of the program, such as the case to access the malicious link, so as to achieve command execution purposes. The links can be placed in the git project...

MGASA-2017-0266 Updated git packages fix security vulnerability

Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git submodules CVE-2017-1000117...

Updated git packages fix security vulnerability

Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git submodules CVE-2017-1000117...