Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15:Update
patchinfo.8189
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.8189
<patchinfo incident="8189"> <issue id="1095219" tracker="bnc">VUL-0: CVE-2018-11235: git,libgit2: arbitrary code execution when recursively cloning a malicious repository</issue> <issue id="1100612" tracker="bnc">VUL-0: CVE-2018-10888: libgit2: an improper input validation leads to an out-of-bound read in git_delta_apply, allowing to read beyond delta limits</issue> <issue id="1100613" tracker="bnc">VUL-0: CVE-2018-10887: libgit2: integer overflow leads to out-of-bounds read in git_delta_apply, allowing to read before base array</issue> <issue id="1104641" tracker="bnc">VUL-0: libgit2: out-of-bounds reads when processing smart-protocol "ng" packets</issue> <issue tracker="cve" id="2018-11235"/> <issue tracker="cve" id="2018-10888"/> <issue tracker="cve" id="2018-10887"/> <issue tracker="cve" id="2018-15501"/> <category>security</category> <rating>important</rating> <packager>mgorse</packager> <description>This update for libgit2 to version 0.26.5 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-10887: Fixed an integer overflow which in turn leads to an out of bound read, allowing to read the base object, which could be exploited by an attacker to cause denial of service (DoS) (bsc#1100613). - CVE-2018-10888: Fixed an out-of-bound read while reading a binary delta file, which could be exploited by an attacker t ocause a denial of service (DoS) (bsc#1100612). - CVE-2018-11235: Fixed a remote code execution, which could occur with a crafted .gitmodules file (bsc#1095219) - CVE-2018-15501: Prevent out-of-bounds reads when processing smart-protocol "ng" packets (bsc#1104641) </description> <summary>Security update for libgit2</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor