CVE-2019-1348 log

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
A security issue has been found in git before 2.24.1 where the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.
Group Package Affected Fixed Severity Status Ticket
AVG-1075 libgit2 1:0.28.3-1 1:0.28.4-1 High Fixed
AVG-1073 git 2.24.0-1 2.24.1-1 High Fixed
Date Advisory Group Package Severity Description
18 Dec 2019 ASA-201912-6 AVG-1073 git High arbitrary code execution
18 Dec 2019 ASA-201912-5 AVG-1075 libgit2 High arbitrary code execution
References
https://github.com/git/git/commit/68061e3470210703cb15594194718d35094afdc0
https://lkml.org/lkml/2019/12/10/905