FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1d567278-87a5-11e4-879c-000c292ee6b8	git -- Arbitrary command execution on case-insensitive filesystems The Git Project reports: When using a case-insensitive filesystem an attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. If you are a hosting service whose users may fetch from your service to Windows or Mac OS X machines, you are strongly encouraged to update to protect such users who use existing versions of Git. Discovery 2014-12-19 Entry 2014-12-19 git < 2.2.1 CVE-2014-9390 https://github.com/blog/1938-git-client-vulnerability-announced http://article.gmane.org/gmane.linux.kernel/1853266

VuXML ID

Description

1d567278-87a5-11e4-879c-000c292ee6b8

git -- Arbitrary command execution on case-insensitive filesystems

The Git Project reports:

When using a case-insensitive filesystem an attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. If you are a hosting service whose users may fetch from your service to Windows or Mac OS X machines, you are strongly encouraged to update to protect such users who use existing versions of Git.

Discovery 2014-12-19
Entry 2014-12-19
git

< 2.2.1

CVE-2014-9390
https://github.com/blog/1938-git-client-vulnerability-announced
http://article.gmane.org/gmane.linux.kernel/1853266