761 matches found
Reproducing Go binaries byte-by-byte
Fully reproducible builds are important because they bridge the gap between auditable open source and convenient binary artifacts. Technologies like TUF and Binary Transparency provide accountability for what binaries are shipped to users, but that's of limited utility if there is no way short of...
HP Version Control Repository Manager Denial of Service Vulnerability (CNVD-2017-02615)
HP Version Control Repository Manager VCRM is an American Hewlett-Packard HP repository for storing software and firmware that supports ProLiant servers. A denial of service vulnerability exists in HPVCRM versions prior to 7.6. A remote attacker could exploit this vulnerability to cause a denial ...
Torvalds Downplays SHA-1 Threat to Git
When researchers demonstrated the first practical collision attack for the cryptographic hash function SHA-1 last week, they also identified related vulnerabilities impacted by the now-compromised algorithm. According to the SHAttered research post, co-authored by Google and a host of cryptograph...
[SECURITY] Fedora 25 Update: viewvc-1.1.26-1.fc25
ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...
HP Version Control Repository Manager < 7.6.0 Multiple Vulnerabilities
According to its self-reported version, the HP Version Control Repository Manager VCRM application installed on the remote Windows host is prior to 7.6.0. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in OpenSSL in x509vfy.c due to improper...
CVS: Heap-based overflow
Background CVS Concurrent Versions System is an open-source network-transparent version control system. It contains both a client utility and a server. Description A heap-based buffer overflow was discovered in the proxyconnect function in src/client.c in CVS. Impact An attacker, utilizing a remo...
AutoLocalPrivilegeEscalation - An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically This script is created due to Hackademics, there are so much possible exploit for that version of kernel, as a rookie OSCP student, I am not able to find out the correct exploit, al...
HPE Version Control Repository Manager Cross-Site Request Forgery Vulnerability
HPE Version Control Repository Manager VCRM is a repository for storing software and firmware that supports ProLiant servers from HewlettPackardEnterprise HPE, USA. A cross-site request forgery vulnerability exists in HPE Version Control Repository Manager VCRM versions prior to 7.6. A remote...
HPE Version Control Repository Manager File Upload Vulnerability
HPE Version Control Repository Manager VCRM is a repository for storing software and firmware that supports ProLiant servers from HewlettPackardEnterprise HPE, USA. A security vulnerability exists in HPE Version Control Repository Manager VCRM versions prior to 7.6. A remote attacker could exploi...
The vulnerability of the distributed Git version control system allows a hacker to execute arbitrary code.
The vulnerability of the distributed Git version control system arises from a numerical overflow condition. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code using a long file name or multiple nested trees, which causes a buffer overflow in the dynami...
[SECURITY] Fedora 23 Update: subversion-1.9.4-1.fc23
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...
[SECURITY] Fedora 24 Update: subversion-1.9.4-1.fc24
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...
DLA-459-1 mercurial - security update
Bulletin has no description...
[SECURITY] [DSA 3570-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3570-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 05, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3570-1 (mercurial - security update)
Blake Burkhart discovered an arbitrary code execution flaw in Mercurial, a distributed version control system, when using the convert extension on Git repositories with specially crafted names. This flaw in particular affects automated code conversion services that allow arbitrary repository name...
Apple Patches Two Flaws in Xcode's Git Implementation
Apple has updated its Xcode development environment, patching two vulnerabilities in its implementation of git. Git is a version control system, and in March its handlers patched two flaws that exposed the software to remote code execution. The new version of Xcode, 7.3.1, is available for El...
DSA-3561-1 subversion - security update
Bulletin has no description...
UBUNTU-CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
[SECURITY] [DSA 3542-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3542-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 05, 2016 https://www.debian.org/security/faq -...
DSA-3542-1 mercurial - security update
Bulletin has no description...