SCIENTIFIC-LINUX-ERRATA Archives

December 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: git on SL7.x x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Mon, 21 Dec 2015 23:17:12 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (35 lines) 
Synopsis:          Moderate: git security update
Advisory ID:       SLSA-2015:2561-1
Issue Date:        2015-12-08
CVE Numbers:       None
--

A flaw was found in the way the git-remote-ext helper processed certain
URLs. If a user had Git configured to automatically clone submodules from
untrusted repositories, an attacker could inject commands into the URL of
a submodule, allowing them to execute arbitrary code on the user's system.
--

SL7
  x86_64
    git-1.8.3.1-6.el7.x86_64.rpm
    git-daemon-1.8.3.1-6.el7.x86_64.rpm
    git-debuginfo-1.8.3.1-6.el7.x86_64.rpm
    git-svn-1.8.3.1-6.el7.x86_64.rpm
  noarch
    emacs-git-1.8.3.1-6.el7.noarch.rpm
    emacs-git-el-1.8.3.1-6.el7.noarch.rpm
    git-all-1.8.3.1-6.el7.noarch.rpm
    git-bzr-1.8.3.1-6.el7.noarch.rpm
    git-cvs-1.8.3.1-6.el7.noarch.rpm
    git-email-1.8.3.1-6.el7.noarch.rpm
    git-gui-1.8.3.1-6.el7.noarch.rpm
    git-hg-1.8.3.1-6.el7.noarch.rpm
    git-p4-1.8.3.1-6.el7.noarch.rpm
    gitk-1.8.3.1-6.el7.noarch.rpm
    gitweb-1.8.3.1-6.el7.noarch.rpm
    perl-Git-1.8.3.1-6.el7.noarch.rpm
    perl-Git-SVN-1.8.3.1-6.el7.noarch.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2