VDB

GCVE-110-MAGEIA-2016-119

GCVE-110-MAGEIA-2016-119
Advisory Published
Vulnetix · Advisory published March 25, 2016
There is a buffer overflow vulnerability possibly leading to remote code execution in git. It can happen while pushing or cloning a repository with a large filename or a large number of nested trees (CVE-2016-2315, CVE-2016-2324). The git package has been updated to version 2.7.4, which fixes this issue, as well as several other bugs. The cgit package bundles git, and its bundled copy of git has also been updated to version 2.7.4.

Affected Products

VendorProductVersionsPlatforms
Mageiagit0 (affected), 0 (affected), 2.7.4-1.mga5 (unaffected), 2.7.4-1.mga5 (unaffected)
Mageiacgit0.12-1.2.mga5 (unaffected), 0 (affected), 0 (affected), 0.12-1.2.mga5 (unaffected)
Mageiacdi-api0 (affected), 1.1-7.1.mga5 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›