Twenty Year Anniversary

Debian Security Advisory 4311-1

Debian Security Advisory 4311-1
Posted Oct 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4311-1 - joernchen of Phenoelit discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability via a specially crafted .gitmodules file in a project cloned with --recurse-submodules.

tags | advisory, arbitrary, code execution
systems | linux, debian
advisories | CVE-2018-17456
MD5 | 1f8a5f684261b89f6eecc6b077fa556f

Debian Security Advisory 4311-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4311-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 05, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : git
CVE ID : CVE-2018-17456

joernchen of Phenoelit discovered that git, a fast, scalable,
distributed revision control system, is prone to an arbitrary code
execution vulnerability via a specially crafted .gitmodules file in a
project cloned with --recurse-submodules.

For the stable distribution (stretch), this problem has been fixed in
version 1:2.11.0-3+deb9u4.

We recommend that you upgrade your git packages.

For the detailed security status of git please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/git

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlu3u3VfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0THNg//bQWiuaFs6H9tqs7zriONRYmNkx0yrM1MMJw+OmwrBHhNyLBOxu3eLybi
qexWWiDUeGeqa+RWYNzsUQDQqM2uGlj8BOwPmVD1m53LM1CdOJVgqPt+m1iVyTqV
5gg279p+Svyv8JCcoXRNOd6RysPaqZDcy/9gAb2GgLZ/uOQM1SnCDRd1br+V2NHE
hmF/DQcwU4OM8sDVECtUhiECQJw0/Gwrc/U0ROkZwycj1VdfDvEFmUohscBnwBIA
agBJ1Nl+z/bxLOwMkXcp9dLsmJO9OtJ7SU+oM9Kii18MNpZcz+WdrIMN6Lqk3oIX
b8BkK5/nUWInKLpp2KYEXg0QODkcCPKbITyY4KkKcT98BYWlixvddMkXc3Q1mDzc
8yZ52fksUkvF9LWWHsnQowdemjLeUNszYoLdTUaJdngKUwLcwVHJJLtThHXXc7+q
CDwPDOugPpQ37cLu9/LxT2GFdM94F5H1315MV+kugPE5ufUugAtVIzaeT1FGQQpQ
tiESs7oC33U3Gcd3oQbFL7XCx42Xrso/ODXR9hM1tGnYGLbnXI1GBxpUlYZ9Mbnw
jgAAlGI2u11INJNRmtUd1Z2bKFf8DwnQqxGrIN3Z7xc+BwNuXBYNyg9nXXnL5/SG
QISYd9OlWOHq1Ohr1z2j9ltiyRZR5a2zTdvFmRHi/P5VFfZxvVA=
=F/9G
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close