9928 matches found
CVE-2014-9706
The buildindexfromtree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...
CVE-2014-9706
The buildindexfromtree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...
Mandriva Linux Security Advisory : git (MDVSA-2015:169)
Updated git packages fix security vulnerability : It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the .git/config file when the client performed a git pull. Because git permitted committing .Git/config or any case variation, on the pu...
Debian DSA-3206-1 : dulwich - security update
Multiple vulnerabilities have been discovered in Dulwich, a Python implementation of the file formats and protocols used by the Git version control system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-9706 It was discovered that Dulwich allows...
[SECURITY] [DSA 3206-1] dulwich security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3206-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 28, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3206-1] dulwich security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3206-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 28, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3206-1 (dulwich - security update)
Multiple vulnerabilities have been discovered in Dulwich, a Python implementation of the file formats and protocols used by the Git version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-9706 It was discovered that Dulwich allows writi...
DSA-3206-1 dulwich - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3206-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2015:0834-1 Security update for emacs
Emacs has been updated to fix the following issues: Several cases of insecure usage of temporary files. CVE-2014-3421, CVE-2014-3422, CVE-2014-3423, CVE-2014-3424 Use of vc-annotate for renamed files when using Git. bnc854683 Security Issues: CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-342...
Apple Xcode < 6.2 (Mac OS X)
The Apple Xcode installed on the remote Mac OS X host is prior to version 6.2. It is, therefore, affected by the following vulnerabilities : - Numerous errors exist related to the bundled version of Apache Subversion. CVE-2014-3522, CVE-2014-3528, CVE-2014-3580, CVE-2014-8108 - An error exists...
Gogs (Go Git Service) Detection (HTTP)
HTTP based detection of Gogs Go Git Service. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Authentication fails on Push to Stash
When I attempt to Push commit of a few dozen files to the Stash-hosted Git repository, I receive the attached error indicating an authentication failure...
Authentication fails on Push to Stash
When I attempt to Push commit of a few dozen files to the Stash-hosted Git repository, I receive the attached error indicating an authentication failure...
openSUSE Security Update : patch (openSUSE-SU-2015:0199-1)
This update fixes the following security issue : + Security fix for a directory traversal flaw when handling git-style patches. This could allow an attacker to overwrite arbitrary files by applying a specially crafted patch. boo913678 CVE-2015-1196 This update fixes the following issues : + When ...
openSUSE Security Update : git (openSUSE-SU-2015:0159-1)
This update fixes the following security issue : - CVE-2014-9390: arbitrary command execution vulnerability on case-insensitive file system bnc910756 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. dot dot in a diff file name...
Ubuntu: Security Advisory (USN-2470-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-1196
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...
Git Client Path Validation Command Execution (CVE-2014-9390)
A command execution vulnerability exists in the Git client. The vulnerability is due to insufficient validation of allowed check-in paths. A remote attacker could exploit this vulnerability by enticing a user to checkout a crafted git repository, or by checking-in maliciously crafted commits to a...