Advisories » MGASA-2015-0396

Updated git packages fix security vulnerability

Publication date: 13 Oct 2015
Modification date: 13 Oct 2015
Type: security
Affected Mageia releases : 5
CVE: CVE pending

Description

The git package has been updated to version 2.3.10, fixing a few security
issues.  These include buffer and integer overflow issues with long file
path names and large files, as well as a remote code execution flaw with
some protocols like git-remote-ext and specially crafted URLs.  See the
upstream release notes for details.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=16913
• https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.3.9.txt
• https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.3.10.txt
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE pending

SRPMS

5/core

• git-2.3.10-1.mga5