This bug was fixed in the package git - 1:1.9.1-1ubuntu0.3
---------------
git (1:1.9.1-1ubuntu0.3) trusty-security; urgency=medium
* SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
execution (LP: #1557787)
- debian/diff/0016-CVE-2016-2315.patch: Be explicit about the amount of
memory being copied
- CVE-2016-2315
* SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
execution
- debian/diff/0017-CVE-2016-2324.patch: Use the correct type and maximum
size checks when calculating string lengths to prevent integer overflow
- CVE-2016-2324
-- Tyler Hicks <[email protected]> Mon, 21 Mar 2016 09:44:28 -0500
** Changed in: git (Ubuntu Trusty)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1557787
Title:
client/server RCEs in path_name()
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1557787/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
