Описание
Security update for git
This update for git fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code (CVE-2016-2315, CVE-2016-2324, bsc#971328).
Список пакетов
openSUSE Leap 42.1
git-2.6.2-3.1
git-arch-2.6.2-3.1
git-core-2.6.2-3.1
git-credential-gnome-keyring-2.6.2-3.1
git-cvs-2.6.2-3.1
git-daemon-2.6.2-3.1
git-doc-2.6.2-3.1
git-email-2.6.2-3.1
git-gui-2.6.2-3.1
git-svn-2.6.2-3.1
git-web-2.6.2-3.1
gitk-2.6.2-3.1
Ссылки
- E-Mail link for openSUSE-SU-2016:0802-1
- SUSE Security Ratings
Описание
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
Затронутые продукты
openSUSE Leap 42.1:git-2.6.2-3.1
openSUSE Leap 42.1:git-arch-2.6.2-3.1
openSUSE Leap 42.1:git-core-2.6.2-3.1
openSUSE Leap 42.1:git-credential-gnome-keyring-2.6.2-3.1
Ссылки
- CVE-2016-2315
- SUSE Bug 971328
Описание
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
Затронутые продукты
openSUSE Leap 42.1:git-2.6.2-3.1
openSUSE Leap 42.1:git-arch-2.6.2-3.1
openSUSE Leap 42.1:git-core-2.6.2-3.1
openSUSE Leap 42.1:git-credential-gnome-keyring-2.6.2-3.1
Ссылки
- CVE-2016-2324
- SUSE Bug 971328