CVE-2016-10130 log
Source |
|
Severity | High |
Remote | Yes |
Type | Insufficient validation |
Description | An issue has been discovered when checking certificate validity before clobbering the error variable. A valid parameter is provided to indicate whether the native cryptographic library considered the certificate to be correct. This parameter is always 1/true before the fix leading to a possible man-in-the-middle (MITM). |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-131 | libgit2 | 1:0.24.3-1 | 1:0.24.6-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
15 Jan 2017 | ASA-201701-21 | AVG-131 | libgit2 | High | multiple issues |
References |
---|
https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22 |