SUSE-SU-2023:1788-1 Security update for libgit2

This update for libgit2 fixes the following issues: - CVE-2023-22742: Verify ssh remote host keys bsc1207364...

DLA-3340-1 libgit2 - security update

Bulletin has no description...

SUSE-SU-2022:3495-1 Security update for libgit2

This update for libgit2 fixes the following issues: - Fixed DoS by oob write in constructed commit object with a very large number of parents bsc1158981. - CVE-2019-1352: Fixed git on Windows being unaware of NTFS Alternate Data Streams bnc1158790. - CVE-2022-24765: Fixed potential command...

SUSE-SU-2022:3494-1 Security update for libgit2

This update for libgit2 fixes the following issues: - CVE-2022-24765: Fixed potential command injection via git worktree bsc1198234. - CVE-2022-29187: Fixed incomplete fix for CVE-2022-24765 bsc1201431...

openSUSE Security Update : libgit2 (openSUSE-2019-638)

This update for libgit2 to version 0.26.5 fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-10887: Fixed an integer overflow which in turn leads to an out of bound read, allowing to read the base object, which could be exploited by an attacker to caus...

openSUSE Security Update : libgit2 (openSUSE-2019-986)

This update for libgit2 fixes the following issues : Security issue fixed : - CVE-2018-17456: Submodule URLs and paths with a leading '-' are now ignored to avoid injecting options into library consumers that perform recursive clones bsc1110949. Non-security issues fixed : - Version update to...

SUSE-SU-2019:0024-1 Security update for libgit2

This update for libgit2 fixes the following issues: Security issues fixed: - CVE-2018-19456: Fixed a code execution by malicious .gitmodules file bsc1110949 - various string-to-integer and buffer handling fixes bsc1114729...

SUSE-SU-2018:4009-1 Security update for libgit2

This update for libgit2 fixes the following issues: Security issue fixed: - CVE-2018-17456: Submodule URLs and paths with a leading '-' are now ignored to avoid injecting options into library consumers that perform recursive clones bsc1110949. Non-security issues fixed: - Version update to versio...

SUSE-SU-2018:3440-1 Security update for libgit2

This update for libgit2 fixes the following issues: - CVE-2018-8099: Fixed possible denial of service attack via different vectors by not being able to differentiate between these status codes bsc1085256. - CVE-2018-11235: With a crafted .gitmodules file, a malicious project can execute an...

CVE-2016-10128

Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...

SUSE-SU-2017:0433-1 Security update for libgit2

This update for libgit2 fixes the several issues. These security issues were fixed: - CVE-2016-10130: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted bsc1019037. - CVE-2017-5338: When using the custom...

libgit2 security bypass vulnerability (CNVD-2017-00490)

libgit2 is a portable, C implementation of the Git core development kit . A security bypass vulnerability exists in the src/transports/http.c file in libgit2 versions 0.25 and 0.24. An attacker can exploit this vulnerability to conduct a man-in-the-middle attack, bypass security restrictions and...

SUSE-SU-2016:2969-1 Security update for libgit2

libgit2 was updated to fix two security issues. These security issues were fixed: - CVE-2016-8568: Read out-of-bounds in gitoidnfmt bsc1003810. - CVE-2016-8569: DoS caused by a NULL pointer dereference in gitcommitmessage bsc1003810...