Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3521-1] git security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3521-1] git security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3521-1] git security update
  • Date: Sat, 19 Mar 2016 15:11:45 +0000
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <carnil AT master.debian.org>
  • Priority: urgent
  • Resent-date: Sat, 19 Mar 2016 15:12:02 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <hl7D-yaDCVN.A.X1G.CxW7WB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3521-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 19, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : git
CVE ID : CVE-2016-2315 CVE-2016-2324
Debian Bug : 818318

Lael Cellier discovered two buffer overflow vulnerabilities in git, a
fast, scalable, distributed revision control system, which could be
exploited for remote execution of arbitrary code.

For the oldstable distribution (wheezy), these problems have been fixed
in version 1:1.7.10.4-1+wheezy3.

For the stable distribution (jessie), these problems have been fixed in
version 1:2.1.4-2.1+deb8u2.

For the unstable distribution (sid), these problems have been fixed in
version 1:2.8.0~rc3-1. CVE-2016-2315 was already fixed in version
1:2.7.0-1.

We recommend that you upgrade your git packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJW7WtSAAoJEAVMuPMTQ89En/4P/37MdL3kQWHuFymW/r9iV//0
yGwJVfmqclCGBcAnBDT+xfxQWNon1SW/v+XoQozKw2JJgnR6i3heHgmbd2OiG4EB
giiy6fpJdqQEvA+Mf0IqhcYEGJtkAa+WS4mPlWjWA8+IJ3gp05pWqnKAwjI2/RPn
BLp5XhvYnMT0O22i7ojXgHA6P2JL+MrFcPkeEtM5053x0RPbbjtdj9ptquiIul7D
Z9DghL7xAbydj5irO5oGGHgtuzXzwxj51Pod9TFY1C68AWAuebVBFifKxN3U0HKu
6sI7afX/EIgdbTNvyID5aJeJ3SJ00jmHkankWbgCtfl1Fy0xR+hcQa3CqnbndNlp
/PZutcaBtyC1+QrO4WcgctcflItPUCxrzPr57shzsKdsL5N+PI25nLBu9VM/7eqL
4dKKF9oNpaT0XKRAI7H91gF57knmqnmyWYEfzlooCQqSTvHenxQH8vYhEiaF7tfI
UwJLpkQqy8LqIFzBG9SU7XzIff8zSshrL7awc0woTDjvwSS0f5Y/M86XVVpbh8/8
VKxBKmPdCL0dXEoWC6mfHLtDysK9AMKj+aXL1sYukaqYl57WNLirzw7xLG2oHDVq
1FXAlDQ+UtveqaS8CaozEPY6dbyMV7316mnJ5i9hnwZLQI1R1goG8/Ecm/oz5Tx1
zrx08lCKzQfxtXUb4CBd
=Fp9P
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 3521-1] git security update, Salvatore Bonaccorso, 19.03.2016

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang