Описание
Security update for git
This update for git fixes the following issues:
- CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. (boo#1110949).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
git-core-2.16.4-3.6.1
SUSE Linux Enterprise Module for Development Tools 15
git-2.16.4-3.6.1
git-arch-2.16.4-3.6.1
git-cvs-2.16.4-3.6.1
git-daemon-2.16.4-3.6.1
git-doc-2.16.4-3.6.1
git-email-2.16.4-3.6.1
git-gui-2.16.4-3.6.1
git-svn-2.16.4-3.6.1
git-web-2.16.4-3.6.1
gitk-2.16.4-3.6.1
Ссылки
- Link for SUSE-SU-2018:3150-1
- E-Mail link for SUSE-SU-2018:3150-1
- SUSE Security Ratings
- SUSE Bug 1110949
- SUSE CVE CVE-2018-17456 page
Описание
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:git-core-2.16.4-3.6.1
SUSE Linux Enterprise Module for Development Tools 15:git-2.16.4-3.6.1
SUSE Linux Enterprise Module for Development Tools 15:git-arch-2.16.4-3.6.1
SUSE Linux Enterprise Module for Development Tools 15:git-cvs-2.16.4-3.6.1
Ссылки
- CVE-2018-17456
- SUSE Bug 1110949