----------------------------------------------------------------------

Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details:
http://secunia.com/binary_analysis/sample_analysis/

----------------------------------------------------------------------

TITLE:
Debian update for git-core

SECUNIA ADVISORY ID:
SA31780

VERIFY ADVISORY:
http://secunia.com/advisories/31780/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
>From remote

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/advisories/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/advisories/product/530/

DESCRIPTION:
Debian has issued an update for git-core. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

For more information:
SA31347

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1.dsc
Size/MD5 checksum: 801 e1da32690d937c31112734e3a568a6b2
http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4.orig.tar.gz
Size/MD5 checksum: 1054130 99bc7ea441226f792b6f796a838e7ef0
http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1.diff.gz
Size/MD5 checksum: 80042 b10d0f2f899b73e92cc22fd0e7616f8a

Architecture independent packages:

http://security.debian.org/pool/updates/main/g/git-core/git-arch_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 68534 bc1c4be53e445eb2a9a1cba42410f85e
http://security.debian.org/pool/updates/main/g/git-core/git-cvs_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 93752 fbbef80ad27745f79072bce3e5ae3a96
http://security.debian.org/pool/updates/main/g/git-core/git-email_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 62850 dfaff5a7df0025792768a536fae519af
http://security.debian.org/pool/updates/main/g/git-core/gitweb_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 88008 b10f4275020e838c1fb1a1af6ccef056
http://security.debian.org/pool/updates/main/g/git-core/git-daemon-run_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 55366 5b7be4b5951849b301d1faddf831dff8
http://security.debian.org/pool/updates/main/g/git-core/git-doc_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 466200 0a21d338c7741147ff36242abaf3b402
http://security.debian.org/pool/updates/main/g/git-core/git-svn_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 100590 990844afb17ba526bbffb49796497b6e
http://security.debian.org/pool/updates/main/g/git-core/gitk_1.4.4.4-2.1+etch1_all.deb
Size/MD5 checksum: 99352 a2d4c126758efa9fa9a549e8736f80a3

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_alpha.deb
Size/MD5 checksum: 3092536 10a91198e5606dc6b1f6037803389d53

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_amd64.deb
Size/MD5 checksum: 2627502 3fad9097fef2d907e66a28c9cb3f9684

arm architecture (ARM)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_arm.deb
Size/MD5 checksum: 2317560 de4bd89d3a608df2b1216f86cf0b8b53

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_hppa.deb
Size/MD5 checksum: 2692126 53c2bf7b21e779e94c34405201be7910

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_i386.deb
Size/MD5 checksum: 2330734 769253444bc1f266f706bc742bec86ee

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_ia64.deb
Size/MD5 checksum: 3813238 65d7e5064d427e425173653300a6b5c6

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_mips.deb
Size/MD5 checksum: 2784982 4cd7c71d0cb63880562ec56b9c30ba0f

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_mipsel.deb
Size/MD5 checksum: 2799604 8cedf2b70c763b893500a04d42ffa82d

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_powerpc.deb
Size/MD5 checksum: 2636198 fe400a070ce9d89c60dc619334501d94

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_s390.deb
Size/MD5 checksum: 2620338 2c0192889678a8159a26c1f8c9d3a970

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-2.1+etch1_sparc.deb
Size/MD5 checksum: 2278862 cd969645dfe4fb36e457dabc3a5c7516

-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.5.6.5-1.

ORIGINAL ADVISORY:
DSA-1637-1:
http://lists.debian.org/debian-security-announce/2008/msg00226.html

OTHER REFERENCES:
SA31347:
http://secunia.com/advisories/31347/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------