AVG-1075 log
| Package | libgit2 |
| Status | Fixed |
| Severity | High |
| Type | arbitrary code execution |
| Affected | 1:0.28.3-1 |
| Fixed | 1:0.28.4-1 |
| Current | 1:1.9.1-1 [extra] |
| Ticket | None |
| Created | Tue Dec 10 22:10:46 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-1387 | Medium | Yes | Arbitrary code execution | A security issue has been found in git before 2.24.1 where recursive clones are currently affected by a vulnerability that is caused by too-lax validation... |
| CVE-2019-1352 | Medium | Yes | Arbitrary code execution | A security issue has been found in git before 2.24.1 where it was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be... |
| CVE-2019-1349 | Medium | Yes | Arbitrary code execution | A security issue has been found in git before 2.24.1 when using submodule paths that refer to the same file system entity (e.g. using the NTFS Alternate... |
| CVE-2019-1348 | High | Yes | Arbitrary code execution | A security issue has been found in git before 2.24.1 where the --export-marks option of git fast-import is exposed also via the in- stream command feature... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 18 Dec 2019 | ASA-201912-5 | libgit2 | arbitrary code execution |