Oval Definition:oval:org.mitre.oval:def:13117
Revision Date:2014-06-23Version:20
Title:DSA-1841-2 git-core -- several
Description:A bug in git-core caused the security update in DSA 1841 to fail to build on a number of architectures Debian supports. This update corrects the bug and releases builds for all supported architectures. The original advisory is quoted in full below for reference. It was discovered that git-daemon which is part of git-core, a popular distributed revision control system, is vulnerable to denial of service attacks caused by a programming mistake in handling requests containing extra unrecognized arguments which results in an infinite loop. While this is no problem for the daemon itself as every request will spawn a new git-daemon instance, this still results in a very high CPU consumption and might lead to denial of service conditions. For the oldstable distribution, this problem has been fixed in version 1.4.4.4-4+etch4. For the stable distribution, this problem has been fixed in version 1.5.6.5-3+lenny3. For the testing distribution, this problem has been fixed in version 1:1.6.3.3-1. For the unstable distribution, this problem has been fixed in version 1:1.6.3.3-1. We recommend that you upgrade your git-core packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-2108
DSA-1841-2
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):git-core
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • git-gui DPKG is earlier than 1.5.6.5-3+lenny3
  • OR git-daemon-run DPKG is earlier than 1.5.6.5-3+lenny3
  • OR gitweb DPKG is earlier than 1.5.6.5-3+lenny3
  • OR git-doc DPKG is earlier than 1.5.6.5-3+lenny3
  • OR git-svn DPKG is earlier than 1.5.6.5-3+lenny3
  • OR git-arch DPKG is earlier than 1.5.6.5-3+lenny3
  • OR git-cvs DPKG is earlier than 1.5.6.5-3+lenny3
  • OR git-email DPKG is earlier than 1.5.6.5-3+lenny3
  • OR gitk DPKG is earlier than 1.5.6.5-3+lenny3
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND git-core DPKG is earlier than 1.5.6.5-3+lenny3
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • git-daemon-run DPKG is earlier than 1.4.4.4-4+etch4
  • OR gitweb DPKG is earlier than 1.4.4.4-4+etch4
  • OR git-doc DPKG is earlier than 1.4.4.4-4+etch4
  • OR git-svn DPKG is earlier than 1.4.4.4-4+etch4
  • OR git-arch DPKG is earlier than 1.4.4.4-4+etch4
  • OR git-cvs DPKG is earlier than 1.4.4.4-4+etch4
  • OR git-email DPKG is earlier than 1.4.4.4-4+etch4
  • OR gitk DPKG is earlier than 1.4.4.4-4+etch4
  • OR git-core DPKG is earlier than 1.4.4.4-4+etch4
    • BACK