client/server RCEs in path_name()

Bug #1557787 reported by Luke Faraone
This bug affects 9 people
Affects          Status         Importance   Assigned to   Milestone
git (Debian)     Fix Released   Unknown
git (Ubuntu)     Fix Released   High         Tyler Hicks
  Precise        Fix Released   Undecided    Unassigned
  Trusty         Fix Released   Undecided    Unassigned
  Wily           Fix Released   Undecided    Unassigned

Bug Description

http://seclists.org/oss-sec/2016/q1/645
http://seclists.org/oss-sec/2016/q1/646

Fixed in 2.7.4 (contains backported removal of path_name from 2.8.0rc0)

CVE References

CVE-2016-2315
CVE-2016-2324

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package git - 1:2.7.3-0ubuntu1

---------------
git (1:2.7.3-0ubuntu1) xenial; urgency=medium

  * New upstream release, with critical security bugfixes (LP: #1557787)

 -- Adam Conrad <email address hidden> Tue, 15 Mar 2016 17:39:56 -0600

Changed in git (Ubuntu):
status: New → Fix Released
Changed in git (Debian):
status: Unknown → Confirmed
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in git (Ubuntu Trusty):
status: New → Confirmed
Changed in git (Ubuntu Wily):
status: New → Confirmed
Changed in git (Debian):
status: Confirmed → Fix Released
Jonathan Nieder (jrnieder) wrote :

2.7.4 has the fixes you're looking for.

Luke Faraone (lfaraone)
Changed in git (Ubuntu):
status: Fix Released → Triaged
Reed Loden (reed)
Changed in git (Ubuntu Precise):
status: New → Confirmed
Luke Faraone (lfaraone)
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package git - 1:1.9.1-1ubuntu0.3

---------------
git (1:1.9.1-1ubuntu0.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
    execution (LP: #1557787)
    - debian/diff/0016-CVE-2016-2315.patch: Be explicit about the amount of
      memory being copied
    - CVE-2016-2315
  * SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
    execution
    - debian/diff/0017-CVE-2016-2324.patch: Use the correct type and maximum
      size checks when calculating string lengths to prevent integer overflow
    - CVE-2016-2324

 -- Tyler Hicks <email address hidden> Mon, 21 Mar 2016 09:44:28 -0500

Changed in git (Ubuntu Trusty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package git - 1:2.5.0-1ubuntu0.2

---------------
git (1:2.5.0-1ubuntu0.2) wily-security; urgency=medium

  * SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
    execution (LP: #1557787)
    - debian/diff/0013-CVE-2016-2315.patch: Be explicit about the amount of
      memory being copied
    - CVE-2016-2315
  * SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
    execution
    - debian/diff/0014-CVE-2016-2324.patch: Use the correct type and maximum
      size checks when calculating string lengths to prevent integer overflow
    - CVE-2016-2324

 -- Tyler Hicks <email address hidden> Mon, 21 Mar 2016 09:40:02 -0500

Changed in git (Ubuntu Wily):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package git - 1:1.7.9.5-1ubuntu0.3

---------------
git (1:1.7.9.5-1ubuntu0.3) precise-security; urgency=medium

  * SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
    execution (LP: #1557787)
    - debian/diff/0023-CVE-2016-2315.patch: Be explicit about the amount of
      memory being copied
    - CVE-2016-2315
  * SECURITY UPDATE: Fix denial of service or possible arbitrary remote code
    execution
    - debian/diff/0024-CVE-2016-2324.patch: Use the correct type and maximum
      size checks when calculating string lengths to prevent integer overflow
    - CVE-2016-2324

 -- Tyler Hicks <email address hidden> Mon, 21 Mar 2016 09:44:42 -0500

Changed in git (Ubuntu Precise):
status: Confirmed → Fix Released
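The trusty, wily and precise changelog entries above describe the two patches in the same terms: use the correct type and a maximum size check when summing string lengths so the total cannot wrap, and be explicit about how many bytes are copied. The following C program is an added illustration of that pattern, written for this page; it is not git's path_name() code and not the content of the referenced patches. PATH_LEN_MAX, the function names and the sample inputs are all assumptions constructed for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed cap for this illustration; not a value taken from git or the patches. */
#define PATH_LEN_MAX 4096u

/* The pattern being fixed: summing component lengths in a 32-bit unsigned
 * accumulator. Each component contributes its length plus one byte for the
 * '/' separator or the final NUL. Unsigned arithmetic wraps silently, so a
 * large input yields a small total and, later, an undersized buffer. */
unsigned int naive_total_len(const size_t *lens, size_t n)
{
    unsigned int total = 0;
    for (size_t i = 0; i < n; i++)
        total += (unsigned int)lens[i] + 1;
    return total;
}

/* The hardened form: accumulate in size_t and check every addition against
 * an explicit maximum before performing it. Because total never exceeds
 * PATH_LEN_MAX, PATH_LEN_MAX - total cannot underflow. Returns 0 when the
 * result would wrap or exceed the cap, so callers refuse the input instead
 * of allocating an undersized buffer. */
size_t checked_total_len(const size_t *lens, size_t n)
{
    size_t total = 0;
    for (size_t i = 0; i < n; i++) {
        if (lens[i] > PATH_LEN_MAX - total)
            return 0;
        total += lens[i];
        if (1 > PATH_LEN_MAX - total)      /* room for '/' or the final NUL */
            return 0;
        total += 1;
    }
    return total;
}

/* Join components with '/' into a freshly allocated string, copying exactly
 * the byte counts that were measured. Returns NULL if the length check
 * rejects the input or allocation fails; the caller frees the result. */
char *checked_join(const char *const *parts, size_t n)
{
    if (n == 0)
        return NULL;
    size_t *lens = malloc(n * sizeof *lens);
    if (!lens)
        return NULL;
    for (size_t i = 0; i < n; i++)
        lens[i] = strlen(parts[i]);

    size_t total = checked_total_len(lens, n);
    char *out = total ? malloc(total) : NULL;
    if (out) {
        size_t pos = 0;
        for (size_t i = 0; i < n; i++) {
            memcpy(out + pos, parts[i], lens[i]);   /* explicit byte count */
            pos += lens[i];
            out[pos++] = (i + 1 < n) ? '/' : '\0';
        }
    }
    free(lens);
    return out;
}

/* Constructed sample inputs for the demonstration. */
static const size_t sample_small[2] = { 3, 4 };                /* e.g. "abc/defg" */
static const size_t sample_huge[2]  = { 0xFFFFFFF0u, 0x20u };  /* sum exceeds 32 bits */
static const char *const sample_parts[3] = { "refs", "heads", "main" };

int main(void)
{
    printf("naive small:   %u\n", naive_total_len(sample_small, 2));    /* 9 */
    printf("checked small: %zu\n", checked_total_len(sample_small, 2));  /* 9 */
    printf("naive huge:    %u\n", naive_total_len(sample_huge, 2));     /* 18, wrapped */
    printf("checked huge:  %zu\n", checked_total_len(sample_huge, 2));   /* 0, rejected */
    char *p = checked_join(sample_parts, 3);
    printf("join: %s\n", p ? p : "(rejected)");
    free(p);
    return 0;
}
```

The point to take from the two length functions is that the naive sum produces 18 for an input whose real total is over four gigabytes, and any buffer sized from that value is far too small for the data later copied into it; the checked version refuses the same input up front, and the join routine only ever copies the byte counts it computed.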
Tyler Hicks (tyhicks)
Changed in git (Ubuntu):
assignee: nobody → Tyler Hicks (tyhicks)
status: Triaged → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package git - 1:2.7.4-0ubuntu1

---------------
git (1:2.7.4-0ubuntu1) xenial; urgency=medium

  * SECURITY UPDATE: New upstream release to fix denial of service or possible
    remote code execution (LP: #1557787)
    + CVE-2016-2324
    + The previous upload only fixed one of the two security issues and 2.7.4
      is needed to address the second

 -- Tyler Hicks <email address hidden> Tue, 22 Mar 2016 18:32:49 -0500

Changed in git (Ubuntu):
status: In Progress → Fix Released
This report contains Public Security information  
Everyone can see this security related information.