Oval Definition:oval:org.opensuse.security:def:58213
Revision Date:2020-12-01Version:1
Title:Security update for git (Important)
Description:

This update for git fixes the following issues:

Security issues fixed:

- CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787). - CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795). - CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793). - CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792). - CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791). - CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790). - CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789). - CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788). - CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785). - Fixed an issue where git send-email fails to authenticate with SMTP server (bsc#1082023)
Family:unixClass:patch
Status:Reference(s):1002991
1052481
1076366
1082023
1088681
1089834
1090518
1097356
1102840
1105476
1109961
1110949
1112758
1116475
1119902
1124695
1131886
1150011
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
1160039
1170601
1170715
1171863
1171864
1171866
1172698
1172704
1174421
1174955
1177155
828003
967671
CVE-2013-2131
CVE-2016-7942
CVE-2017-1000117
CVE-2017-15139
CVE-2018-11763
CVE-2018-16839
CVE-2018-17456
CVE-2018-2579
CVE-2018-2582
CVE-2018-2588
CVE-2018-2599
CVE-2018-2602
CVE-2018-2603
CVE-2018-2618
CVE-2018-2629
CVE-2018-2633
CVE-2018-2634
CVE-2018-2637
CVE-2018-2641
CVE-2018-2663
CVE-2018-2677
CVE-2018-2678
CVE-2018-2755
CVE-2018-2761
CVE-2018-2766
CVE-2018-2767
CVE-2018-2771
CVE-2018-2781
CVE-2018-2782
CVE-2018-2784
CVE-2018-2787
CVE-2018-2813
CVE-2018-2817
CVE-2018-2819
CVE-2018-5848
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387
CVE-2019-14822
CVE-2019-19604
CVE-2020-10543
CVE-2020-10878
CVE-2020-12723
CVE-2020-15705
CVE-2020-15708
CVE-2020-25637
CVE-2020-8023
SUSE-SU-2016:3001-1
SUSE-SU-2017:0103-1
SUSE-SU-2017:2320-1
SUSE-SU-2018:0663-1
SUSE-SU-2018:1781-2
SUSE-SU-2019:0716-1
SUSE-SU-2019:0996-1
SUSE-SU-2019:2389-1
SUSE-SU-2019:3311-1
SUSE-SU-2020:1662-1
SUSE-SU-2020:1859-1
SUSE-SU-2020:2308-1
SUSE-SU-2020:3143-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND spice-vdagent-0.17.0-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gnome-shell-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-browser-plugin-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-devel-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
  • OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libX11-1.6.2-11 is installed
  • OR libX11-6-1.6.2-11 is installed
  • OR libX11-6-32bit-1.6.2-11 is installed
  • OR libX11-data-1.6.2-11 is installed
  • OR libX11-xcb1-1.6.2-11 is installed
  • OR libX11-xcb1-32bit-1.6.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libmysqlclient18-10.0.35-29.20 is installed
  • OR libmysqlclient18-32bit-10.0.35-29.20 is installed
  • OR mariadb-10.0.35-29.20 is installed
  • OR mariadb-client-10.0.35-29.20 is installed
  • OR mariadb-errormessages-10.0.35-29.20 is installed
  • OR mariadb-tools-10.0.35-29.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • apache2-2.4.23-29.27 is installed
  • OR apache2-doc-2.4.23-29.27 is installed
  • OR apache2-example-pages-2.4.23-29.27 is installed
  • OR apache2-prefork-2.4.23-29.27 is installed
  • OR apache2-utils-2.4.23-29.27 is installed
  • OR apache2-worker-2.4.23-29.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.141-42 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.141-42 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.141-42 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.141-42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • ceph-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR librados2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR librbd1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR librgw2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-rados-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
  • OR python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND clamav-0.100.3-33.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_61-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • MozillaFirefox-60.5.0esr-109.58 is installed
  • OR MozillaFirefox-branding-SLE-60-32.5 is installed
  • OR MozillaFirefox-translations-common-60.5.0esr-109.58 is installed
  • OR libfreebl3-3.41.1-58.25 is installed
  • OR libfreebl3-32bit-3.41.1-58.25 is installed
  • OR libfreebl3-hmac-3.41.1-58.25 is installed
  • OR libfreebl3-hmac-32bit-3.41.1-58.25 is installed
  • OR libsoftokn3-3.41.1-58.25 is installed
  • OR libsoftokn3-32bit-3.41.1-58.25 is installed
  • OR libsoftokn3-hmac-3.41.1-58.25 is installed
  • OR libsoftokn3-hmac-32bit-3.41.1-58.25 is installed
  • OR mozilla-nss-3.41.1-58.25 is installed
  • OR mozilla-nss-32bit-3.41.1-58.25 is installed
  • OR mozilla-nss-certs-3.41.1-58.25 is installed
  • OR mozilla-nss-certs-32bit-3.41.1-58.25 is installed
  • OR mozilla-nss-sysinit-3.41.1-58.25 is installed
  • OR mozilla-nss-sysinit-32bit-3.41.1-58.25 is installed
  • OR mozilla-nss-tools-3.41.1-58.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND hardlink-1.0-6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • git-2.12.3-27.22 is installed
  • OR git-core-2.12.3-27.22 is installed
  • OR git-doc-2.12.3-27.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND cobbler-2.6.6-49.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND mailman-2.1.17-3.23 is installed
    • BACK