Bug ID | 910756 |
---|---|
Summary | CVE-2014-9390: git: arbitrary command execution vulnerability on case-insensitive file systems |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | 13.2 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | Andreas.Stieger@gmx.de |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
From http://article.gmane.org/gmane.linux.kernel/1853266 > This is a security-fix for CVE-2014-9390, which affects users on > Windows and Mac OS X but not typical UNIX users. A set of new > releases for older maintenance tracks (v1.8.5.6, v1.9.5, v2.0.5, and > v2.1.4) are published at the same time and they contain the same fix. > Various implementations and ports, including Git for Windows, Git OS > X installer, JGit & EGit, libgit2 (and Visual Studio which uses it) > have been updated at the same time. > > Even though the issue may not affect Linux users, if you are a > hosting service whose users may fetch from your service to Windows > or Mac OS X machines, you are strongly encouraged to update to > protect such users who use existing versions of Git. Not directly affected, but updates to 1.8.5.6, 1.9.5, 2.0.5, 2.1.4, 2.2.1 should be advised.