VDB
GCVE-110-MAGEIA-2016-119
GCVE-110-MAGEIA-2016-119
Advisory Published
There is a buffer overflow vulnerability possibly leading to remote code
execution in git. It can happen while pushing or cloning a repository with
a large filename or a large number of nested trees (CVE-2016-2315,
CVE-2016-2324).
The git package has been updated to version 2.7.4, which fixes this issue,
as well as several other bugs.
The cgit package bundles git, and its bundled copy of git has also been
updated to version 2.7.4.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | git | 0 (affected), 0 (affected), 2.7.4-1.mga5 (unaffected), 2.7.4-1.mga5 (unaffected) | — |
| Mageia | cgit | 0.12-1.2.mga5 (unaffected), 0 (affected), 0 (affected), 0.12-1.2.mga5 (unaffected) | — |
| Mageia | cdi-api | 0 (affected), 1.1-7.1.mga5 (unaffected) | — |
References
Fix dangling link in cdi-api package
advisory
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.