Severity High
Remote Yes
Type Insufficient validation
An issue has been discovered when checking certificate validity before clobbering the error variable. A valid parameter is provided to indicate whether the native cryptographic library considered the certificate to be correct. This parameter is always 1/true before the fix leading to a possible man-in-the-middle (MITM).
Group Package Affected Fixed Severity Status Ticket
AVG-131 libgit2 1:0.24.3-1 1:0.24.6-1 High Fixed
Date Advisory Group Package Severity Description
15 Jan 2017 ASA-201701-21 AVG-131 libgit2 High multiple issues