Apple Security Advisory 2016-05-03-1 - Xcode 7.3.1 is now available and addresses a heap-based buffer overflow vulnerability.
de7ad5b8d22c9f8865c6a0c295ca9fbf8e157d1ed947788a5de45f67ca0e0e1e
Red Hat Security Advisory 2016-0497-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code.
212fda6729a6768d6f7ad3d832d6f9ef4276e13fe9fc71f9ae59f9653f50af59
Red Hat Security Advisory 2016-0496-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code.
33481f9b2e323032036bbac27addbdbb7aca8f0d60afb5adf509af12b34245cc
Ubuntu Security Notice 2938-1 - Lael Cellier discovered that Git incorrectly handled path strings in crafted Git repositories. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking Git.
d4a0d948833adb3e11088215135e259147bc0b69370d9650067ca30edb3e8b2c
Debian Linux Security Advisory 3521-1 - Lael Cellier discovered two buffer overflow vulnerabilities in git, a fast, scalable, distributed revision control system, which could be exploited for remote execution of arbitrary code.
46ec78cd04db91be6d28705ff766c6c3e38dbbceacb349ca0705d85b151da1e9
Slackware Security Advisory - New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
1c99e71a3fad9650a752f68bbbef7c024a33b46b4b822521373fefb124404fdb