CVE-2019-1352 log

Source
Severity Medium
Remote Yes
Type Arbitrary code execution
Description
A security issue has been found in git before 2.24.1 where it was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be overwritten during a clone.
Group Package Affected Fixed Severity Status Ticket
AVG-1075 libgit2 1:0.28.3-1 1:0.28.4-1 High Fixed
AVG-1073 git 2.24.0-1 2.24.1-1 High Fixed
Date Advisory Group Package Severity Description
18 Dec 2019 ASA-201912-6 AVG-1073 git High arbitrary code execution
18 Dec 2019 ASA-201912-5 AVG-1075 libgit2 High arbitrary code execution
References
https://github.com/git/git/commit/7c3745fc6185495d5765628b4dfe1bd2c25a2981
https://lkml.org/lkml/2019/12/10/905