Oval Definition:	oval:org.mitre.oval:def:21085
Revision Date: 2014-02-17 Version: 11 Title: RHSA-2013:0589: git security update (Moderate) Description: The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2013:0589 CVE-2013-0308 RHSA-2013:0589-01 Platform(s): CentOS Linux 6 Red Hat Enterprise Linux 6 Product(s): git Definition Synopsis Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 OR The operating system installed on the system is CentOS Linux 6.x AND Packages section git-cvs is earlier than 0:1.7.1-3.el6_4.1 OR git-email is earlier than 0:1.7.1-3.el6_4.1 OR gitk is earlier than 0:1.7.1-3.el6_4.1 OR emacs-git-el is earlier than 0:1.7.1-3.el6_4.1 OR git-daemon is earlier than 0:1.7.1-3.el6_4.1 OR git-svn is earlier than 0:1.7.1-3.el6_4.1 OR git-all is earlier than 0:1.7.1-3.el6_4.1 OR git-gui is earlier than 0:1.7.1-3.el6_4.1 OR emacs-git is earlier than 0:1.7.1-3.el6_4.1 OR gitweb is earlier than 0:1.7.1-3.el6_4.1 OR git is earlier than 0:1.7.1-3.el6_4.1 OR perl-Git is earlier than 0:1.7.1-3.el6_4.1
BACK