FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
7f645ee5-7681-11e5-8519-005056ac623eGit -- Execute arbitrary code

Git release notes:

Some protocols (like git-remote-ext) can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources (e.g., .gitmodules files in a remote repository), and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to well known and safe ones.


Discovery 2015-09-23
Entry 2015-10-19
Modified 2015-12-12
git
< 2.6.1

git-gui
< 2.6.1

git-lite
< 2.6.1

git-subversion
< 2.6.1

CVE-2015-7545
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.6.1.txt
http://www.openwall.com/lists/oss-security/2015/12/11/7
d2a84feb-ebe0-11e5-92ce-002590263bf5git -- integer overflow

Debian reports:

integer overflow due to a loop which adds more to "len".


Discovery 2016-02-24
Entry 2016-03-18
git
< 2.4.11

ge 2.5.0 lt 2.5.5

ge 2.6.0 lt 2.6.6

ge 2.7.0 lt 2.7.4

git-gui
< 2.4.11

ge 2.5.0 lt 2.5.5

ge 2.6.0 lt 2.6.6

ge 2.7.0 lt 2.7.4

git-lite
< 2.4.11

ge 2.5.0 lt 2.5.5

ge 2.6.0 lt 2.6.6

ge 2.7.0 lt 2.7.4

git-subversion
< 2.4.11

ge 2.5.0 lt 2.5.5

ge 2.6.0 lt 2.6.6

ge 2.7.0 lt 2.7.4

CVE-2016-2324
https://security-tracker.debian.org/tracker/CVE-2016-2324
https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d