oss-sec mailing list archives
request for CVEs for git clients
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 18 Dec 2014 16:38:24 -0700
Can we please get CVEs for https://github.com/blog/1938-vulnerability-announced-update-your-git-clients In addition, the following updated versions of Git address this vulnerability: The Git core team has announced maintenance releases for all current versions of Git (v1.8.5.6, v1.9.5, v2.0.5, v2.1.4, and v2.2.1). Git for Windows (also known as MSysGit) has released maintenance version 1.9.5. The two major Git libraries, libgit2 and JGit, have released maintenance versions with the fix. Third party software using these libraries is strongly encouraged to update. ==== looks like most Linux users are ok though "The vulnerability concerns Git and Git-compatible clients that access Git repositories in a case-insensitive or case-normalizing filesystem." -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- request for CVEs for git clients Kurt Seifried (Dec 18)
- Re: request for CVEs for git clients Kurt Seifried (Dec 18)
- Re: request for CVEs for git clients Russ Allbery (Dec 18)
- Re: request for CVEs for git clients Julien Cristau (Dec 20)
- Re: request for CVEs for git clients Russ Allbery (Dec 18)
- Re: request for CVEs for git clients Alex Gaynor (Dec 18)
- Re: request for CVEs for git clients Reed Loden (Dec 19)
- RE: request for CVEs for git clients Christey, Steven M. (Dec 19)
- Re: request for CVEs for git clients Kurt Seifried (Dec 18)