Debian: Security Advisory (DLA-3340-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3340 : libgit2-27 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3340 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3340-1 [email protected]...

[SECURITY] [DLA 3340-1] libgit2 security update

Debian LTS Advisory DLA-3340-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost February 23, 2023 https://wiki.debian.org/LTS Package : libgit2 Version : 0.27.7+dfsg.1-0.2+deb10u1 CVE ID : CVE-2020-12278 CVE-2020-12279 CVE-2023-22742 Debian Bug : 1029368 A vulnerabili...

DLA-3340-1 libgit2 - security update

Bulletin has no description...

SUSE CVE-2016-8568

The gitcommitmessage function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service out-of-bounds read via a cat-file command with a crafted object file...

SUSE CVE-2016-8569

The gitoidnfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service NULL pointer dereference via a cat-file command with a crafted object file...

SUSE CVE-2016-10128

Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...

SUSE CVE-2016-10129

The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...

SUSE CVE-2016-10130

The httpconnect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable...

SUSE CVE-2018-8098

Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...

SUSE CVE-2018-8099

Incorrect returning of an error code in the index.c:readentry function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file...

SUSE CVE-2018-10888

A flaw was found in libgit2 before version 0.27.3. A missing check in gitdeltaapply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service...

SUSE CVE-2018-10887

A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in gitdeltaapply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw...

SUSE CVE-2018-15501

In ngpkt in transports/smartpkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol "ng" packet that lacks a '\0' byte to trigger an out-of-bounds read that leads to DoS...

SUSE CVE-2023-22742

libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the certificatecheck field of libgit2's gitremotecallbacks...

[SECURITY] Fedora 36 Update: libgit2-1.3.2-1.fc36

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

Fedora: Security Advisory for libgit2 (FEDORA-2023-1068309389)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for rust-libgit2-sys0.12 (FEDORA-2023-07cf2ae114)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-libgit2-sys (FEDORA-2023-db96a62414)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-libgit2-sys (FEDORA-2023-055b389109)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...