Advisories ยป MGASA-2020-0175

Updated git packages fix security vulnerability

Publication date: 16 Apr 2020
Modification date: 16 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-5260

Description

With a crafted URL that contains a newline in it, the credential helper
machinery can be fooled to give credential information for a wrong host.
The attack has been made impossible by forbidding a newline character in
any value passed via the credential protocol (CVE-2020-5260).
                

References

SRPMS

7/core