Test Kennung:	1.3.6.1.4.1.25623.1.0.63428
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2009-051-02)
Zusammenfassung:	The remote host is missing an update for the 'git' package(s) announced via the SSA:2009-051-02 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'git' package(s) announced via the SSA:2009-051-02 advisory. Vulnerability Insight: New git packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] There are other security issues related to gitweb, which Slackware does not ship, but could be added to a Slackware install. These problems are also fixed with this update. The CVE entries for the gitweb issues may be found here: [links moved to references] Here are the details from the Slackware 12.2 ChangeLog: +--------------------------+ patches/packages/git-1.6.1.3-i486-1_slack12.2.tgz: Upgraded to git-1.6.1.3. This fixes a vulnerability where running git-diff or git-grep on a hostile git repository would result in the execution of arbitrary code as the git user. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'git' package(s) on Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3546 BugTraq ID: 30549 http://www.securityfocus.com/bid/30549 Bugtraq: 20080812 rPSA-2008-0253-1 git gitweb (Google Search) http://www.securityfocus.com/archive/1/495391/100/0/threaded Debian Security Information: DSA-1637 (Google Search) http://www.debian.org/security/2008/dsa-1637 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html http://security.gentoo.org/glsa/glsa-200809-16.xml http://kerneltrap.org/mailarchive/git/2008/7/16/2529284 http://www.securitytracker.com/id?1020627 http://secunia.com/advisories/31347 http://secunia.com/advisories/31780 http://secunia.com/advisories/32029 http://secunia.com/advisories/32384 http://secunia.com/advisories/33964 http://www.ubuntu.com/usn/USN-723-1 http://www.vupen.com/english/advisories/2008/2306 XForce ISS Database: git-multiple-bo(44217) https://exchange.xforce.ibmcloud.com/vulnerabilities/44217 Common Vulnerability Exposure (CVE) ID: CVE-2008-5516 20090113 rPSA-2009-0005-1 git gitweb http://www.securityfocus.com/archive/1/500008/100/0/threaded 33964 34194 http://secunia.com/advisories/34194 4919 http://securityreason.com/securityalert/4919 ADV-2009-0175 http://www.vupen.com/english/advisories/2009/0175 DSA-1708 http://www.debian.org/security/2009/dsa-1708 GLSA-200903-15 http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml SUSE-SR:2009:001 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html USN-723-1 [oss-security] 20090120 Re: CVE request -- git http://www.openwall.com/lists/oss-security/2009/01/20/1 [oss-security] 20090121 Re: CVE request -- git http://www.openwall.com/lists/oss-security/2009/01/21/7 [oss-security] 20090123 Re: CVE request -- git http://www.openwall.com/lists/oss-security/2009/01/23/2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330 http://repo.or.cz/w/git.git?a=commitdiff%3Bh=c582abae http://wiki.rpath.com/Advisories:rPSA-2009-0005 https://bugzilla.redhat.com/show_bug.cgi?id=479715 https://issues.rpath.com/browse/RPL-2936 Common Vulnerability Exposure (CVE) ID: CVE-2008-5517 33215 http://www.securityfocus.com/bid/33215 http://repo.or.cz/w/git.git?a=commitdiff%3Bh=516381d5
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.