Summary: | <dev-vcs/git-{2.21.1,2.23.1-r1,2.24.1}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | polynomial-c, robbat2 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: |
dev-vcs/git-2.23.1-r1
dev-vcs/git-2.24.1
|
Runtime testing required: | Yes |
Description
Thomas Deutschmann (RETIRED)
2019-12-08 18:52:25 UTC
security: ACK email CSR-20191210-1. Will try to be available to bump at the embargo time end. Please contact me if it leaks early. Also email ACK. If Robin cannot be present in time I will be his backup. security: This appears to have dropped upstream BEFORE the embargo deadline. Tarballs appeared on the kernel.org mirrors an hour before the deadline, and the commits were visible in repos as of 2019/12/10 07:07 UTC. commit e2c18c18104d5ef0c65195f6f51af9f8ca861dda contains the bumps. arches, please test & stabilize: dev-vcs/git-2.21.1 dev-vcs/git-2.23.1-r1 dev-vcs/git-2.24.1 amd64 stable arm64 stable sparc stable ia64 stable x86 stable arm stable ppc stable s390 stable ppc64 stable sh stable New GLSA request filed. This issue was resolved and addressed in GLSA 202003-30 at https://security.gentoo.org/glsa/202003-30 by GLSA coordinator Thomas Deutschmann (whissi). |