git is vulnerable to information disclosure. The path sanity check in is_ntfs_dotgit()
on NTFS allows an attacker to read arbitrary memory.
CPE | Name | Operator | Version |
---|---|---|---|
rh-git29-git | eq | 2.9.3__3.el7 | |
rh-git29-git | eq | 2.9.3__3.el6 | |
rh-git29-git | eq | 2.9.3__2.el6 | |
git:3.6 | eq | 2.13.7-r2 |
lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
www.securityfocus.com/bid/104346
www.securitytracker.com/id/1040991
access.redhat.com/errata/RHSA-2018:2147
access.redhat.com/security/updates/classification/#important
marc.info/?l=git&m=152761328506724&w=2
security.gentoo.org/glsa/201805-13
usn.ubuntu.com/3671-1/