[Bug 1557787] [NEW] client/server RCEs in path_name()
Luke Faraone
luke at faraone.cc
Tue Mar 15 23:12:19 UTC 2016
*** This bug is a security vulnerability ***
Public security bug reported:
http://seclists.org/oss-sec/2016/q1/645
http://seclists.org/oss-sec/2016/q1/646
Fixed in 2.7.3 (path_name removed in 2.8.0rc0)
** Affects: git (Ubuntu)
Importance: High
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2315
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2324
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to git in Ubuntu.
https://bugs.launchpad.net/bugs/1557787
Title:
client/server RCEs in path_name()
Status in git package in Ubuntu:
New
Bug description:
http://seclists.org/oss-sec/2016/q1/645
http://seclists.org/oss-sec/2016/q1/646
Fixed in 2.7.3 (path_name removed in 2.8.0rc0)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1557787/+subscriptions
More information about the foundations-bugs
mailing list