Summary: | <dev-vcs/git-{2.3.10,2.4.10}: arbitrary code execution via crafted URLs (CVE-2015-7545) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | polynomial-c, robbat2 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1269794 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-10-12 07:45:51 UTC
AFAIK the same fixes went into =dev-vcs/git-2.3.10, =dev-vcs/git-2.4.10 and =dev-vcs/git-2.5.4 So I'd prefer to stabilize =dev-vcs/git-2.3.10 and =dev-vcs/git-2.4.10: Arches please test and mark stable the above mentioned two versions. Target keywords are: alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris amd64 stable Stable for PPC64. x86 stable Stable for HPPA. Stable on alpha. arm stable ppc stable sparc stable ia64 stable commit 6064b8095a426e5e985ad64632ac58674c9fcea9 Author: Lars Wendler <polynomial-c@gentoo.org> Date: Thu Nov 19 15:23:15 2015 dev-vcs/git: Removed vulnerable versions (bug #562884). Package-Manager: portage-2.2.25 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. This issue was resolved and addressed in GLSA 201605-01 at https://security.gentoo.org/glsa/201605-01 by GLSA coordinator Kristian Fiskerstrand (K_F). |