Описание
Security update for git
This update for git fixes the following issue:
- CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. (boo#1110949).
Список пакетов
SUSE Linux Enterprise Server 12 SP4
git-core-2.12.3-27.17.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
git-core-2.12.3-27.17.2
SUSE Linux Enterprise Software Development Kit 12 SP4
git-2.12.3-27.17.2
git-arch-2.12.3-27.17.2
git-core-2.12.3-27.17.2
git-cvs-2.12.3-27.17.2
git-daemon-2.12.3-27.17.2
git-doc-2.12.3-27.17.2
git-email-2.12.3-27.17.2
git-gui-2.12.3-27.17.2
git-svn-2.12.3-27.17.2
git-web-2.12.3-27.17.2
gitk-2.12.3-27.17.2
Ссылки
- Link for SUSE-SU-2018:4088-3
- E-Mail link for SUSE-SU-2018:4088-3
- SUSE Security Ratings
- SUSE Bug 1110949
- SUSE CVE CVE-2018-17456 page
Описание
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:git-core-2.12.3-27.17.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4:git-core-2.12.3-27.17.2
SUSE Linux Enterprise Software Development Kit 12 SP4:git-2.12.3-27.17.2
SUSE Linux Enterprise Software Development Kit 12 SP4:git-arch-2.12.3-27.17.2
Ссылки
- CVE-2018-17456
- SUSE Bug 1110949