Описание
Security update for libgit2
libgit2 was updated to fix two security issues.
These security issues were fixed:
- CVE-2016-8568: Read out-of-bounds in git_oid_nfmt (bsc#1003810).
- CVE-2016-8569: DoS caused by a NULL pointer dereference in git_commit_message (bsc#1003810).
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP2
libgit2-24-0.24.1-3.1
Ссылки
- Link for SUSE-SU-2016:2969-1
- E-Mail link for SUSE-SU-2016:2969-1
- SUSE Security Ratings
- SUSE Bug 1003810
- SUSE CVE CVE-2016-8568 page
- SUSE CVE CVE-2016-8569 page
Описание
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP2:libgit2-24-0.24.1-3.1
Ссылки
- CVE-2016-8568
- SUSE Bug 1003810
- SUSE Bug 1019036
- SUSE Bug 1019037
Описание
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP2:libgit2-24-0.24.1-3.1
Ссылки
- CVE-2016-8569
- SUSE Bug 1003810
- SUSE Bug 1019036
- SUSE Bug 1019037