Your message dated Wed, 7 Mar 2007 10:30:45 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#413629: "'git http-push' had a few buffer overruns."
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: git-core
Version: 1.5.0.2-1
Severity: grave
Tags: security

The relevant commits are, as far as I know:

commit eecc8367f4eaafc8449fc08c4e33f3f8ac474469
Author: Eygene Ryabinkin <[EMAIL PROTECTED]>
Date:   Thu Mar 1 19:09:12 2007 +0300

    Another memory overrun in http-push.c

    Uses of strlcpy() are wrong, as the source buffer at these
    locations may not be NUL-terminated.

commit 2c46759db757eb742590e8547cb0c63e8bdb1da1
Author: Eygene Ryabinkin <[EMAIL PROTECTED]>
Date:   Wed Feb 28 12:12:02 2007 -0800

    http-push.c::lock_remote(): validate all remote refs.

    Starting from offset 11 might have been good back when it was
    only used for updating "refs/heads/*", but it is used to update
    "info/refs" and "refs/tags/*" as well.

    Signed-off-by: Junio C Hamano <[EMAIL PROTECTED]>



--- End Message ---
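The defect named in the first commit message above (strlcpy() applied to a source buffer whose length is known but which carries no NUL terminator of its own), shown as an added C illustration; this is not code from the bug report or from git itself. The strlcpy stand-in, the copy_token_* helpers and the sample response buffer are constructed for the demo, and the buffer's only NUL is placed well after the token so the over-read stays inside allocated memory and can be measured.

```c
#include <string.h>

/* Stand-in for strlcpy(3), which glibc long lacked (git ships its own in
 * compat/). Note that it calls strlen(src): it scans src until it finds a
 * NUL, whatever length the caller believes src has. */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
	size_t ret = strlen(src);
	if (size) {
		size_t len = (ret >= size) ? size - 1 : ret;
		memcpy(dst, src, len);
		dst[len] = '\0';
	}
	return ret;
}

/* The pattern the commit calls wrong: the token's length is known to the
 * caller, but strlcpy ignores it and reads until the next NUL byte. */
size_t copy_token_unsafe(char *dst, size_t dstsize, const char *src, size_t srclen)
{
	(void)srclen; /* available, but never consulted */
	return demo_strlcpy(dst, src, dstsize);
}

/* Fixed pattern: copy at most srclen bytes and terminate explicitly.
 * Returns the number of bytes copied, not counting the terminator. */
size_t copy_token_bounded(char *dst, size_t dstsize, const char *src, size_t srclen)
{
	size_t len;
	if (!dstsize)
		return 0;
	len = srclen < dstsize - 1 ? srclen : dstsize - 1;
	memcpy(dst, src, len);
	dst[len] = '\0';
	return len;
}

/* Constructed input: a ref name that is a slice of a larger response buffer.
 * The slice has no NUL of its own; the only NUL is at the end of the buffer. */
static const char response[] = "refs/heads/master\n<D:more xml follows here>";
#define TOKEN_LEN 17 /* strlen("refs/heads/master") */

/* 1 if the strlcpy-based copy read past the intended token, else 0. */
int unsafe_copy_overruns(void)
{
	char out[64];
	return copy_token_unsafe(out, sizeof out, response, TOKEN_LEN) > TOKEN_LEN;
}
```

With a real response the bytes after the token need not end in a NUL at all, so the same strlen() walks off the end of the allocation; the bounded copy never touches anything beyond srclen.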
--- Begin Message ---
found 413629 1:1.4.4.4-1
quit

Version: 1:1.5.0.3-1

On Tue, Mar 06, 2007 at 09:51:46AM +0100, Florian Weimer wrote:
> The relevant commits are, as far as I know:
> 
> commit eecc8367f4eaafc8449fc08c4e33f3f8ac474469

> commit 2c46759db757eb742590e8547cb0c63e8bdb1da1

Hi, both commits are included in git-core 1:1.5.0.3-1 available in sid.

While I think 2c46759 doesn't have a security impact, eecc836 seems to
have, what do you think?  git-core 1:1.4.4.4-1 in etch has both problems
not fixed yet.

Thanks, Gerrit.

--- End Message ---