CVE-2016-10130

Source
Severity High
Remote Yes
Type Insufficient validation
Description
An issue has been discovered when checking certificate validity before clobbering the error variable. A valid parameter is provided to indicate whether the native cryptographic library considered the certificate to be correct. This parameter is always 1/true before the fix leading to a possible man-in-the-middle (MITM).
Group Package Affected Fixed Severity Status Ticket
AVG-131 libgit2 1:0.24.3-1 1:0.24.6-1 High Fixed
Date Advisory Group Package Severity Description
15 Jan 2017 ASA-201701-21 AVG-131 libgit2 High multiple issues
References
https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22