Описание
Security update for libgit2
This update for libgit2 fixes the following issues:
- CVE-2016-8568: Fixed and out-of-bounds read in git_oid_nfmt (bsc#1003810).
- CVE-2016-8569: DoS using a null pointer dereference in git_commit_message (bsc#1003810).
Список пакетов
openSUSE Leap 42.1
libgit2-0.22.1-5.1
libgit2-22-0.22.1-5.1
libgit2-22-32bit-0.22.1-5.1
libgit2-devel-0.22.1-5.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0208-1
- SUSE Security Ratings
Описание
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
Затронутые продукты
openSUSE Leap 42.1:libgit2-0.22.1-5.1
openSUSE Leap 42.1:libgit2-22-0.22.1-5.1
openSUSE Leap 42.1:libgit2-22-32bit-0.22.1-5.1
openSUSE Leap 42.1:libgit2-devel-0.22.1-5.1
Ссылки
- CVE-2016-8568
- SUSE Bug 1003810
- SUSE Bug 1019036
- SUSE Bug 1019037
Описание
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
Затронутые продукты
openSUSE Leap 42.1:libgit2-0.22.1-5.1
openSUSE Leap 42.1:libgit2-22-0.22.1-5.1
openSUSE Leap 42.1:libgit2-22-32bit-0.22.1-5.1
openSUSE Leap 42.1:libgit2-devel-0.22.1-5.1
Ссылки
- CVE-2016-8569
- SUSE Bug 1003810
- SUSE Bug 1019036
- SUSE Bug 1019037