Summary: | <dev-libs/libgit2-0.26.2: multiple DoS vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michał Górny <mgorny> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome, mgorny |
Priority: | Normal | Flags: | stable-bot: sanity-check+ |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/libgit2/libgit2/releases/tag/v0.26.2 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | dev-libs/libgit2-0.26.2 |
Runtime testing required: | No |
Description
Michał Górny
2018-03-09 07:28:58 UTC
(In reply to Michał Górny from comment #0)
> @security, could you do your thing and advise?

Thanks Michał, setting whiteboard, and calling arches for stabilization.

@Arches, please test and mark stable.

amd64 stable

x86 stable

CVE-2018-8099 (https://nvd.nist.gov/vuln/detail/CVE-2018-8099): Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file.

CVE-2018-8098 (https://nvd.nist.gov/vuln/detail/CVE-2018-8098): Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.

GLSA Vote: No

Please remove vulnerable versions. Thank you

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e09c049b001b8f3f930fb69a249563d5f2c3389

commit 4e09c049b001b8f3f930fb69a249563d5f2c3389
Author: Michał Górny <mgorny@gentoo.org>
AuthorDate: 2018-03-20 16:15:58 +0000
Commit: Michał Górny <mgorny@gentoo.org>
CommitDate: 2018-03-20 16:15:59 +0000

    dev-libs/libgit2: Drop old, vulnerable 0.26.0

    Bug: https://bugs.gentoo.org/649984

 dev-libs/libgit2/Manifest | 1 -
 dev-libs/libgit2/libgit2-0.26.0.ebuild | 75 ----------------------------------
 2 files changed, 76 deletions(-)