git

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description the fast distributed version control system
Version 2.24.0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-776 2.19.0-1 2.19.1-1 High Fixed
AVG-711 2.17.0-1 2.17.1-1 Critical Fixed
AVG-377 2.14.0-1 2.14.1-1 Critical Fixed
AVG-267 2.12.2-4 2.13.0-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2018-17456 AVG-776 High Yes Arbitrary code execution
A security issue has been found in git versions prior to 2.19.1, which allows an attacker to execute arbitrary code by crafting a malicious .gitmodules file...
CVE-2018-11235 AVG-711 Critical Yes Arbitrary code execution
A security issue has been found in git before 2.17.1. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that...
CVE-2018-11233 AVG-711 Medium Yes Information disclosure
A security issue has been found in git before 2.17.1, where the code that sanify-check paths in is_ntfs_dotgit() could have been tricked into reading random...
CVE-2017-1000117 AVG-377 Critical Yes Arbitrary command execution
A security issue has been found in git < 2.14.1. A malicious third- party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to...
CVE-2017-8386 AVG-267 High Yes Access restriction bypass
A security issue has been found in git < 2.12.3, allowing a remote restricted user to execute an interactive pager on the server by causing it to spawn "git...

Advisories

Date Advisory Group Severity Description
09 Oct 2018 ASA-201810-7 AVG-776 High arbitrary code execution
01 Jun 2018 ASA-201806-1 AVG-711 Critical multiple issues
12 Aug 2017 ASA-201708-6 AVG-377 Critical arbitrary command execution
12 May 2017 ASA-201705-14 AVG-267 High access restriction bypass