CBL Mariner 2.0 Security Update: libgit2 / rust (CVE-2023-22742)

The version of libgit2 / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-22742 advisory. - libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with t...

libgit2 fails to verify SSH keys by default

...

OPENSUSE-SU-2024:12005-1 libgit2-1_4-1.4.3-1.1 on GA media

These are all security issues fixed in the libgit2-14-1.4.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13449-1 libgit2-1_7-1.7.1-3.1 on GA media

These are all security issues fixed in the libgit2-17-1.7.1-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13675-1 libgit2-1_7-1.7.2-2.1 on GA media

These are all security issues fixed in the libgit2-17-1.7.2-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10249-1 libgit2-24-0.24.3-1.1 on GA media

These are all security issues fixed in the libgit2-24-0.24.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13661-1 libgit2-1_7-1.7.2-1.1 on GA media

These are all security issues fixed in the libgit2-17-1.7.2-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10943-1 libgit2-1_1-1.1.1-1.2 on GA media

These are all security issues fixed in the libgit2-11-1.1.1-1.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12632-1 libgit2-1.5.1-1.1 on GA media

These are all security issues fixed in the libgit2-1.5.1-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 7 : libgit2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2020-12279 - A...

RHEL 8 : libgit2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2020-12279 - A...

RHEL 7 : libgit2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2020-12279 - A...

RHEL 8 : libgit2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2020-12279 - A...

Fedora 40 : rust-asyncgit / rust-bat / rust-cargo-c / rust-eza / etc (2024-53685bdcb6)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-53685bdcb6 advisory. - Update the git2 crate to version 0.18.2. - Update the libgit2-sys crate to version 0.16.2. Version 0.16.2 of the libgit2-sys crate includes an...

ROS-20240410-13

A vulnerability in the src/libgit2/revparse.c component of the C Libgit2 implementation of Git methods is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

Important: rust

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially...

Important: rust

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially...

Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2024-566)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-566 advisory. libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted...

Amazon Linux 2 : rust (ALAS-2024-2496)

The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2496 advisory. libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to...

Important: rust

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially...