Oval Definition:oval:org.mitre.oval:def:8099
Revision Date:2014-06-23Version:17
Title:DSA-1777 git-core -- file permission error
Description:Peter Palfrader discovered that in the Git revision control system, on some architectures files under /usr/share/git-core/templates/ were owned by a non-root user. This allows a user with that uid on the local system to write to these files and possibly escalate their privileges. This issue only affects the DEC Alpha and MIPS (big and little endian) architectures.
Family:unixClass:patch
Status:ACCEPTEDReference(s):DSA-1777
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):git-core
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • gitweb is earlier than 1.5.6.5-3+lenny1
  • OR git-arch is earlier than 1.5.6.5-3+lenny1
  • OR gitk is earlier than 1.5.6.5-3+lenny1
  • OR git-gui is earlier than 1.5.6.5-3+lenny1
  • OR git-daemon-run is earlier than 1.5.6.5-3+lenny1
  • OR git-doc is earlier than 1.5.6.5-3+lenny1
  • OR git-svn is earlier than 1.5.6.5-3+lenny1
  • OR git-cvs is earlier than 1.5.6.5-3+lenny1
  • OR git-email is earlier than 1.5.6.5-3+lenny1
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND git-core is earlier than 1.5.6.5-3+lenny1
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • gitweb is earlier than 1.4.4.4-4+etch2
  • OR git-arch is earlier than 1.4.4.4-4+etch2
  • OR gitk is earlier than 1.4.4.4-4+etch2
  • OR git-daemon-run is earlier than 1.4.4.4-4+etch2
  • OR git-doc is earlier than 1.4.4.4-4+etch2
  • OR git-svn is earlier than 1.4.4.4-4+etch2
  • OR git-cvs is earlier than 1.4.4.4-4+etch2
  • OR git-email is earlier than 1.4.4.4-4+etch2
  • OR git-core is earlier than 1.4.4.4-4+etch2
    • BACK