Oval Definition:oval:org.mitre.oval:def:12423
Revision Date:2014-07-21Version:20
Title:DSA-2114-1 git-core -- buffer overflow
Description:The Debian stable point release 5.0.6 included updated packages of the Git revision control system in order to fix a security issue. Unfortunately, the update introduced a regression which could make it impossible to clone or create git repositories. This upgrade fixes this regression, which is tracked as Debian bug #595728. The original security issue allowed an attacker to execute arbitrary code if he could trick a local user to execute a git command in a crafted working directory. For the stable distribution, this problem has been fixed in version 1.5.6.5-3+lenny3.2. The packages for the hppa architecture are not included in this advisory. However, the hppa architecture is not known to be affected by the regression. For the testing distribution and the unstable distribution, the security issue has been fixed in version 1.7.1-1.1. These distributions were not affected by the regression. We recommend that you upgrade your git-core packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-2542
DSA-2114-1
Platform(s):Debian GNU/Linux 5.0
Product(s):git-core
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • git-gui DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR git-daemon-run DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR gitweb DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR git-doc DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR git-svn DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR git-arch DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR git-cvs DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR git-email DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR gitk DPKG is earlier than 1.5.6.5-3+lenny3.2
  • OR git-core DPKG is earlier than 1.5.6.5-3+lenny3.2
    • BACK