CVE-2019-1352 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | A security issue has been found in git before 2.24.1 where it was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be overwritten during a clone. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1075 | libgit2 | 1:0.28.3-1 | 1:0.28.4-1 | High | Fixed | |
| AVG-1073 | git | 2.24.0-1 | 2.24.1-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 18 Dec 2019 | ASA-201912-6 | AVG-1073 | git | High | arbitrary code execution |
| 18 Dec 2019 | ASA-201912-5 | AVG-1075 | libgit2 | High | arbitrary code execution |
| References |
|---|
https://github.com/git/git/commit/7c3745fc6185495d5765628b4dfe1bd2c25a2981 https://lkml.org/lkml/2019/12/10/905 |