ELSA-2015-2515

Опубликовано: 04 фев. 2016

Источник: oracle-oval

Платформа: Oracle Linux 6

Платформа: Oracle Linux 7

Описание

ELSA-2015-2515: git19-git security update (MODERATE)

[1.9.4-3.1]

fix arbitrary code execution via crafted URLs Resolves: #1273889

[1.9.4-3]

fix CVE-2014-9390 Resolves: rhbz#1220552

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

git19-emacs-git

1.9.4-3.el6.1

git19-emacs-git-el

1.9.4-3.el6.1

git19-git

1.9.4-3.el6.1

git19-git-all

1.9.4-3.el6.1

git19-git-cvs

1.9.4-3.el6.1

git19-git-daemon

1.9.4-3.el6.1

git19-git-email

1.9.4-3.el6.1

git19-git-gui

1.9.4-3.el6.1

git19-git-svn

1.9.4-3.el6.1

git19-gitk

1.9.4-3.el6.1

git19-gitweb

1.9.4-3.el6.1

git19-perl-Git

1.9.4-3.el6.1

git19-perl-Git-SVN

1.9.4-3.el6.1

Oracle Linux 7

Oracle Linux x86_64

git19-emacs-git

1.9.4-3.el7.1

git19-emacs-git-el

1.9.4-3.el7.1

git19-git

1.9.4-3.el7.1

git19-git-all

1.9.4-3.el7.1

git19-git-bzr

1.9.4-3.el7.1

git19-git-cvs

1.9.4-3.el7.1

git19-git-daemon

1.9.4-3.el7.1

git19-git-email

1.9.4-3.el7.1

git19-git-gui

1.9.4-3.el7.1

git19-git-hg

1.9.4-3.el7.1

git19-git-svn

1.9.4-3.el7.1

git19-gitk

1.9.4-3.el7.1

git19-gitweb

1.9.4-3.el7.1

git19-perl-Git

1.9.4-3.el7.1

git19-perl-Git-SVN

1.9.4-3.el7.1

Связанные CVE

CVE-2015-7545

Ссылки на источники

Связанные уязвимости

CVE-2015-7545

CVSS3: 9.8

ubuntu

больше 9 лет назад

The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a (a) .gitmodules file or (b) unknown other sources in a submodule.