Synopsis:          Important: git security update
Advisory ID:       SLSA-2016:0496-1
Issue Date:        2016-03-23
CVE Numbers:       CVE-2016-2315
                   CVE-2016-2324
--

An integer truncation flaw and an integer overflow flaw, both leading to a
heap-based buffer overflow, were found in the way Git processed certain
path information. A remote attacker could create a specially crafted Git
repository that would cause a Git client or server to crash or, possibly,
execute arbitrary code. (CVE-2016-2315, CVE-2016-2324)
--

SL6
  x86_64
    git-1.7.1-4.el6_7.1.x86_64.rpm
    git-daemon-1.7.1-4.el6_7.1.x86_64.rpm
    git-debuginfo-1.7.1-4.el6_7.1.x86_64.rpm
  i386
    git-1.7.1-4.el6_7.1.i686.rpm
    git-daemon-1.7.1-4.el6_7.1.i686.rpm
    git-debuginfo-1.7.1-4.el6_7.1.i686.rpm
  noarch
    emacs-git-1.7.1-4.el6_7.1.noarch.rpm
    emacs-git-el-1.7.1-4.el6_7.1.noarch.rpm
    git-all-1.7.1-4.el6_7.1.noarch.rpm
    git-cvs-1.7.1-4.el6_7.1.noarch.rpm
    git-email-1.7.1-4.el6_7.1.noarch.rpm
    git-gui-1.7.1-4.el6_7.1.noarch.rpm
    git-svn-1.7.1-4.el6_7.1.noarch.rpm
    gitk-1.7.1-4.el6_7.1.noarch.rpm
    gitweb-1.7.1-4.el6_7.1.noarch.rpm
    perl-Git-1.7.1-4.el6_7.1.noarch.rpm
SL7
  x86_64
    git-1.8.3.1-6.el7_2.1.x86_64.rpm
    git-daemon-1.8.3.1-6.el7_2.1.x86_64.rpm
    git-debuginfo-1.8.3.1-6.el7_2.1.x86_64.rpm
    git-svn-1.8.3.1-6.el7_2.1.x86_64.rpm
  noarch
    emacs-git-1.8.3.1-6.el7_2.1.noarch.rpm
    emacs-git-el-1.8.3.1-6.el7_2.1.noarch.rpm
    git-all-1.8.3.1-6.el7_2.1.noarch.rpm
    git-bzr-1.8.3.1-6.el7_2.1.noarch.rpm
    git-cvs-1.8.3.1-6.el7_2.1.noarch.rpm
    git-email-1.8.3.1-6.el7_2.1.noarch.rpm
    git-gui-1.8.3.1-6.el7_2.1.noarch.rpm
    git-hg-1.8.3.1-6.el7_2.1.noarch.rpm
    git-p4-1.8.3.1-6.el7_2.1.noarch.rpm
    gitk-1.8.3.1-6.el7_2.1.noarch.rpm
    gitweb-1.8.3.1-6.el7_2.1.noarch.rpm
    perl-Git-1.8.3.1-6.el7_2.1.noarch.rpm
    perl-Git-SVN-1.8.3.1-6.el7_2.1.noarch.rpm

- Scientific Linux Development Team