AVG-711

Package git
Status Fixed
Severity Critical
Type multiple issues
Affected 2.17.0-1
Fixed 2.17.1-1
Current 2.23.0-1 [extra]
Ticket None
Created Tue May 29 19:43:40 2018
Issue Severity Remote Type Description
CVE-2018-11235 Critical Yes Arbitrary code execution
A security issue has been found in git before 2.17.1. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that...
CVE-2018-11233 Medium Yes Information disclosure
A security issue has been found in git before 2.17.1, where the code that sanify-check paths in is_ntfs_dotgit() could have been tricked into reading random...
Date Advisory Package Description
01 Jun 2018 ASA-201806-1 git multiple issues
References
https://lkml.org/lkml/2018/5/29/889