Oval Definition:oval:org.opensuse.security:def:60669
Revision Date:2020-12-01Version:1
Title:Security update for git (Important)
Description:

This update for git fixes the following issues:

Security issues fixed:

- CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787). - CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795). - CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793). - CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792). - CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791). - CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790). - CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789). - CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788). - CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785). - Fixed an issue where git send-email fails to authenticate with SMTP server (bsc#1082023)
Family:unixClass:patch
Status:Reference(s):1039291
1042657
1053431
1055857
1057460
1059893
1076390
1077717
1082023
1082810
1085018
1101295
1103737
1104448
1115034
1117080
1117840
1120943
1122292
1122299
1123191
1141780
1141782
1141783
1141785
1141787
1141789
1142772
1145604
1145692
1147021
1148158
1149792
1151021
1152007
1154235
1155089
1155942
1156305
1156669
1156914
1157028
1157206
1157482
1158675
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
1160048
1160770
1160878
1160883
1160895
1160912
1161351
1161517
1162388
1168930
1169605
1169786
1169936
1170302
1170643
1170741
1170939
1171352
1171475
1171847
1172105
1172116
1172121
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1174157
1174922
1174923
1177943
929900
955131
956357
964458
966304
982826
CVE-2016-10040
CVE-2016-6328
CVE-2017-1002201
CVE-2017-10053
CVE-2017-10067
CVE-2017-10074
CVE-2017-10078
CVE-2017-10081
CVE-2017-10087
CVE-2017-10089
CVE-2017-10090
CVE-2017-10096
CVE-2017-10101
CVE-2017-10102
CVE-2017-10105
CVE-2017-10107
CVE-2017-10108
CVE-2017-10109
CVE-2017-10110
CVE-2017-10111
CVE-2017-10115
CVE-2017-10116
CVE-2017-10125
CVE-2017-10243
CVE-2017-18379
CVE-2017-18922
CVE-2017-7544
CVE-2018-10873
CVE-2018-10893
CVE-2018-11212
CVE-2018-14424
CVE-2018-17954
CVE-2018-20030
CVE-2018-21247
CVE-2018-2579
CVE-2018-2582
CVE-2018-2588
CVE-2018-2599
CVE-2018-2602
CVE-2018-2603
CVE-2018-2618
CVE-2018-2633
CVE-2018-2634
CVE-2018-2637
CVE-2018-2641
CVE-2018-2657
CVE-2018-2663
CVE-2018-2677
CVE-2018-2678
CVE-2019-1010180
CVE-2019-11771
CVE-2019-11772
CVE-2019-11775
CVE-2019-13117
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387
CVE-2019-14835
CVE-2019-16770
CVE-2019-18901
CVE-2019-19604
CVE-2019-20839
CVE-2019-20840
CVE-2019-2449
CVE-2019-2737
CVE-2019-2739
CVE-2019-2740
CVE-2019-2758
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2805
CVE-2019-2816
CVE-2019-2938
CVE-2019-2974
CVE-2019-4473
CVE-2019-7317
CVE-2019-9278
CVE-2020-0093
CVE-2020-11008
CVE-2020-12673
CVE-2020-12674
CVE-2020-12767
CVE-2020-13112
CVE-2020-13113
CVE-2020-13114
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-14403
CVE-2020-14404
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2020-2574
CVE-2020-3899
CVE-2020-5260
CVE-2020-7595
SUSE-SU-2017:2263-1
SUSE-SU-2018:0694-1
SUSE-SU-2019:2371-1
SUSE-SU-2019:2600-1
SUSE-SU-2019:2916-1
SUSE-SU-2019:3311-1
SUSE-SU-2020:0640-1
SUSE-SU-2020:1295-1
SUSE-SU-2020:1534-1
SUSE-SU-2020:2167-1
SUSE-SU-2020:2274-1
SUSE-SU-2020:3191-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • MozillaThunderbird-60.2.1-lp150.3.19 is installed
  • OR MozillaThunderbird-buildsymbols-60.2.1-lp150.3.19 is installed
  • OR MozillaThunderbird-translations-common-60.2.1-lp150.3.19 is installed
  • OR MozillaThunderbird-translations-other-60.2.1-lp150.3.19 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exempi-2.4.5-lp151.3.3 is installed
  • OR exempi-tools-2.4.5-lp151.3.3 is installed
  • OR libexempi-devel-2.4.5-lp151.3.3 is installed
  • OR libexempi3-2.4.5-lp151.3.3 is installed
  • OR libexempi3-32bit-2.4.5-lp151.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-65.0.3467.62-lp151.2.9 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • bbswitch-0.8-lp152.6.2 is installed
  • OR bbswitch-kmp-default-0.8_k5.3.18_lp152.36-lp152.6.2 is installed
  • OR bbswitch-kmp-preempt-0.8_k5.3.18_lp152.36-lp152.6.2 is installed
  • OR crash-7.2.8-lp152.3.2 is installed
  • OR crash-devel-7.2.8-lp152.3.2 is installed
  • OR crash-doc-7.2.8-lp152.3.2 is installed
  • OR crash-eppic-7.2.8-lp152.3.2 is installed
  • OR crash-gcore-7.2.8-lp152.3.2 is installed
  • OR crash-kmp-default-7.2.8_k5.3.18_lp152.36-lp152.3.2 is installed
  • OR crash-kmp-preempt-7.2.8_k5.3.18_lp152.36-lp152.3.2 is installed
  • OR dpdk-19.11.1-lp152.2.5 is installed
  • OR dpdk-devel-19.11.1-lp152.2.5 is installed
  • OR dpdk-doc-19.11.1-lp152.2.5 is installed
  • OR dpdk-examples-19.11.1-lp152.2.5 is installed
  • OR dpdk-kmp-default-19.11.1_k5.3.18_lp152.36-lp152.2.5 is installed
  • OR dpdk-kmp-preempt-19.11.1_k5.3.18_lp152.36-lp152.2.5 is installed
  • OR dpdk-tools-19.11.1-lp152.2.5 is installed
  • OR drbd-9.0.22~1+git.fe2b5983-lp152.2.2 is installed
  • OR drbd-kmp-default-9.0.22~1+git.fe2b5983_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR drbd-kmp-preempt-9.0.22~1+git.fe2b5983_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR hdjmod-1.28-lp152.6.2 is installed
  • OR hdjmod-kmp-default-1.28_k5.3.18_lp152.36-lp152.6.2 is installed
  • OR hdjmod-kmp-preempt-1.28_k5.3.18_lp152.36-lp152.6.2 is installed
  • OR kernel-debug-5.3.18-lp152.36 is installed
  • OR kernel-debug-devel-5.3.18-lp152.36 is installed
  • OR kernel-default-5.3.18-lp152.36 is installed
  • OR kernel-default-devel-5.3.18-lp152.36 is installed
  • OR kernel-devel-5.3.18-lp152.36 is installed
  • OR kernel-docs-5.3.18-lp152.36 is installed
  • OR kernel-docs-html-5.3.18-lp152.36 is installed
  • OR kernel-kvmsmall-5.3.18-lp152.36 is installed
  • OR kernel-kvmsmall-devel-5.3.18-lp152.36 is installed
  • OR kernel-macros-5.3.18-lp152.36 is installed
  • OR kernel-obs-build-5.3.18-lp152.36 is installed
  • OR kernel-obs-qa-5.3.18-lp152.36 is installed
  • OR kernel-preempt-5.3.18-lp152.36 is installed
  • OR kernel-preempt-devel-5.3.18-lp152.36 is installed
  • OR kernel-source-5.3.18-lp152.36 is installed
  • OR kernel-source-vanilla-5.3.18-lp152.36 is installed
  • OR kernel-syms-5.3.18-lp152.36 is installed
  • OR libdpdk-20_0-19.11.1-lp152.2.5 is installed
  • OR mhvtl-1.62-lp152.2.2 is installed
  • OR mhvtl-kmp-default-1.62_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR mhvtl-kmp-preempt-1.62_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR openafs-1.8.5-lp152.2.2 is installed
  • OR openafs-authlibs-1.8.5-lp152.2.2 is installed
  • OR openafs-authlibs-devel-1.8.5-lp152.2.2 is installed
  • OR openafs-client-1.8.5-lp152.2.2 is installed
  • OR openafs-devel-1.8.5-lp152.2.2 is installed
  • OR openafs-fuse_client-1.8.5-lp152.2.2 is installed
  • OR openafs-kernel-source-1.8.5-lp152.2.2 is installed
  • OR openafs-kmp-default-1.8.5_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR openafs-kmp-preempt-1.8.5_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR openafs-server-1.8.5-lp152.2.2 is installed
  • OR pcfclock-0.44-lp152.4.2 is installed
  • OR pcfclock-kmp-default-0.44_k5.3.18_lp152.36-lp152.4.2 is installed
  • OR pcfclock-kmp-preempt-0.44_k5.3.18_lp152.36-lp152.4.2 is installed
  • OR python3-virtualbox-6.1.10-lp152.2.2 is installed
  • OR rtl8812au-5.6.4.2+git20200318.49e98ff-lp152.2.2 is installed
  • OR rtl8812au-kmp-default-5.6.4.2+git20200318.49e98ff_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR rtl8812au-kmp-preempt-5.6.4.2+git20200318.49e98ff_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR sysdig-0.26.5-lp152.3.2 is installed
  • OR sysdig-kmp-default-0.26.5_k5.3.18_lp152.36-lp152.3.2 is installed
  • OR sysdig-kmp-preempt-0.26.5_k5.3.18_lp152.36-lp152.3.2 is installed
  • OR v4l2loopback-0.12.5-lp152.2.2 is installed
  • OR v4l2loopback-kmp-default-0.12.5_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR v4l2loopback-kmp-preempt-0.12.5_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR v4l2loopback-utils-0.12.5-lp152.2.2 is installed
  • OR vhba-kmp-20200106-lp152.2.2 is installed
  • OR vhba-kmp-default-20200106_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR vhba-kmp-preempt-20200106_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR virtualbox-6.1.10-lp152.2.2 is installed
  • OR virtualbox-devel-6.1.10-lp152.2.2 is installed
  • OR virtualbox-guest-desktop-icons-6.1.10-lp152.2.2 is installed
  • OR virtualbox-guest-source-6.1.10-lp152.2.2 is installed
  • OR virtualbox-guest-tools-6.1.10-lp152.2.2 is installed
  • OR virtualbox-guest-x11-6.1.10-lp152.2.2 is installed
  • OR virtualbox-host-source-6.1.10-lp152.2.2 is installed
  • OR virtualbox-kmp-default-6.1.10_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR virtualbox-kmp-preempt-6.1.10_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR virtualbox-qt-6.1.10-lp152.2.2 is installed
  • OR virtualbox-vnc-6.1.10-lp152.2.2 is installed
  • OR virtualbox-websrv-6.1.10-lp152.2.2 is installed
  • OR xtables-addons-3.9-lp152.2.2 is installed
  • OR xtables-addons-kmp-default-3.9_k5.3.18_lp152.36-lp152.2.2 is installed
  • OR xtables-addons-kmp-preempt-3.9_k5.3.18_lp152.36-lp152.2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr4.10-30.5 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr4.10-30.5 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr4.10-30.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.2-2.53 is installed
  • OR libwebkit2gtk-4_0-37-2.28.2-2.53 is installed
  • OR libwebkit2gtk3-lang-2.28.2-2.53 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.2-2.53 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.2-2.53 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.2-2.53 is installed
  • OR webkit2gtk3-2.28.2-2.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_61-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libQtWebKit4-4.8.7+2.3.4-4.7 is installed
  • OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed
  • OR libqca2-2.0.3-17.7 is installed
  • OR libqca2-32bit-2.0.3-17.7 is installed
  • OR libqt4-4.8.7-8.8 is installed
  • OR libqt4-32bit-4.8.7-8.8 is installed
  • OR libqt4-devel-doc-4.8.7-8.8 is installed
  • OR libqt4-qt3support-4.8.7-8.8 is installed
  • OR libqt4-qt3support-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-4.8.7-8.8 is installed
  • OR libqt4-sql-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-mysql-4.8.7-8.8 is installed
  • OR libqt4-sql-plugins-4.8.7-8.8 is installed
  • OR libqt4-sql-sqlite-4.8.7-8.8 is installed
  • OR libqt4-x11-4.8.7-8.8 is installed
  • OR libqt4-x11-32bit-4.8.7-8.8 is installed
  • OR qt4-x11-tools-4.8.7-8.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • ceph-common-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR libcephfs2-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR librados2-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR libradosstriper1-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR librbd1-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR librgw2-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-cephfs-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-rados-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-rbd-12.2.8+git.1536505967.080f2248ff-2.15 is installed
  • OR python-rgw-12.2.8+git.1536505967.080f2248ff-2.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • git-2.12.3-27.22 is installed
  • OR git-core-2.12.3-27.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • libfreebl3-3.53.1-58.48 is installed
  • OR libfreebl3-32bit-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-3.53.1-58.48 is installed
  • OR libsoftokn3-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed
  • OR mozilla-nspr-4.25-19.15 is installed
  • OR mozilla-nspr-32bit-4.25-19.15 is installed
  • OR mozilla-nspr-devel-4.25-19.15 is installed
  • OR mozilla-nss-3.53.1-58.48 is installed
  • OR mozilla-nss-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-devel-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-tools-3.53.1-58.48 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND gdb-8.3.1-2.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • xorg-x11-server-1.19.6-4.11 is installed
  • OR xorg-x11-server-extra-1.19.6-4.11 is installed
    • BACK