[SECURITY] Fedora 23 Update: git-2.5.0-2.fc23

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages,...

FreeBSD : Git -- Execute arbitrary code (7f645ee5-7681-11e5-8519-005056ac623e)

Git release notes : Some protocols like git-remote-ext can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources e.g., .gitmodules files in a remote repository, and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to...

FreeBSD : Salt -- multiple vulnerabilities (3934cc60-f0fa-4eca-be09-c8bd7ae42871)

Salt release notes : CVE-2015-6918 - Git modules leaking HTTPS auth credentials to debug log Updated the Git state and execution modules to no longer display HTTPS basic authentication credentials in loglevel debug output on the Salt master. These credentials are now replaced with REDACTED in the...

Salt -- multiple vulnerabilities

Salt release notes: CVE-2015-6918 - Git modules leaking HTTPS auth credentials to debug log Updated the Git state and execution modules to no longer display HTTPS basic authentication credentials in loglevel debug output on the Salt master. These credentials are now replaced with REDACTED in the...

MGASA-2015-0396 Updated git packages fix security vulnerability

The git package has been updated to version 2.3.10, fixing a few security issues. These include buffer and integer overflow issues with long file path names and large files, as well as a remote code execution flaw with some protocols like git-remote-ext and specially crafted URLs. See the upstrea...

Updated git packages fix security vulnerability

The git package has been updated to version 2.3.10, fixing a few security issues. These include buffer and integer overflow issues with long file path names and large files, as well as a remote code execution flaw with some protocols like git-remote-ext and specially crafted URLs. See the upstrea...

Kallithea 0.2.9 HTTP Response Splitting Vulnerability

Kallithea suffers from a HTTP header injection response splitting vulnerability because it fails to properly sanitize user input before using it as an HTTP header value via the GET 'camefrom' parameter in the login instance. This type of attack not only allows a malicious user to control the...

Kallithea 0.2.9 HTTP Response Splitting

Kallithea 0.2.9 camefrom HTTP Response Splitting Vulnerability Vendor: Kallithea Product web page: https://www.kallithea-scm.org Version affected: 0.2.9 and 0.2.2 Summary: Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that...

Kallithea 0.2.9 - 'came_from' HTTP Response Splitting

Kallithea 0.2.9 camefrom HTTP Response Splitting Vulnerability Vendor: Kallithea Product web page: https://www.kallithea-scm.org Version affected: 0.2.9 and 0.2.2 Summary: Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that...

Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability

Summary Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that supports two leading version control systems, Mercurial and Git, and has a web interface that is easy to use for users and admins. Description Kallithea suffers from...

Oracle: Security Advisory (ELSA-2010-1003)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2013-0589)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

JVN#27548431: gollum vulnerable to file exposure

gollum is a wiki system that uses git repositories. gollum contains a vulnerability which may allow an attacker to view arbitrary files on the server. Impact A remote attacker may view arbitrary files on the server. Solution Update the Software Update to the latest version according to the...

Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

Heartbleed Vulnerability Scanner is a multiprotocol HTTP, IMAP, SMTP, POP CVE-2014-0160 scanning and automatic exploitation tool written with python. For scanning wide ranges automatically, you can provide a network range in CIDR notation and an output file to dump the memory of vulnerable system...

Gentoo Security Advisory GLSA 201401-06

Gentoo Linux Local Security Checks GLSA 201401-06 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Gentoo Security Advisory GLSA 201509-06

Gentoo Linux Local Security Checks GLSA 201509-06 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Git 1.9.5 - ssh-agent.exe Buffer Overflow (PoC)

Git 1.9.5 - ssh-agent.exe Buffer Overflow PoC ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-GIT-SSH-AGENT-BUFF-OVERFLOW.txt Vendor: ================================ git-scm.com Product: ================================...

Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow (PoC)

''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-GIT-SSH-AGENT-BUFF-OVERFLOW.txt Vendor: ================================ git-scm.com Product: ================================ Git-1.9.5-preview20150319.exe...

Git-1.9.5 ssh-agent.exe Buffer Overflow Exploit

Exploit for windows platform in category dos / poc Vendor: ================================ git-scm.com Product: ================================ Git-1.9.5-preview20150319.exe github.com/msysgit/msysgit/releases/tag/Git-1.9.5-preview20150319 Vulnerability Type: =================== Buffer Overflow...

Git 1.9.5 Buffer Overflow

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-GIT-SSH-AGENT-BUFF-OVERFLOW.txt Vendor: ================================ git-scm.com Product: ================================ Git-1.9.5-preview20150319.exe...