git

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description the fast distributed version control system
Version 2.18.0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-711 2.17.0-1 2.17.1-1 Critical Fixed
AVG-377 2.14.0-1 2.14.1-1 Critical Fixed
AVG-267 2.12.2-4 2.13.0-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2018-11235 AVG-711 Critical Yes Arbitrary code execution
A security issue has been found in git before 2.17.1. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that...
CVE-2018-11233 AVG-711 Medium Yes Information disclosure
A security issue has been found in git before 2.17.1, where the code that sanify-check paths in is_ntfs_dotgit() could have been tricked into reading random...
CVE-2017-8386 AVG-267 High Yes Access restriction bypass
A security issue has been found in git < 2.12.3, allowing a remote restricted user to execute an interactive pager on the server by causing it to spawn "git...
CVE-2017-1000117 AVG-377 Critical Yes Arbitrary command execution
A security issue has been found in git < 2.14.1. A malicious third- party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to...

Advisories

Date Advisory Group Severity Description
01 Jun 2018 ASA-201806-1 AVG-711 Critical multiple issues
12 Aug 2017 ASA-201708-6 AVG-377 Critical arbitrary command execution
12 May 2017 ASA-201705-14 AVG-267 High access restriction bypass