Security update for libgit2
libgit2 was updated to fix an arbitrary command execution vulnerability on case-insentitive file systems.
The following vulnerability was fixed:
* When using programs using libgit2 on case-insensitive filesystems, .git/config could be overwritten, which allowed execution of arbitrary commands (boo#925040, CVE-2014-9390).
The configuration is uncommon as all default file systems on openSUSE are case sensitive.
Additionally, on openSUSE 13.2 libgit2 was updated to version 0.21.5 to backport further critical fixes.
-
Submitted by
Dominique Leuenberger (dimstar)
Fixed bugs
bnc#925040
VUL-0: CVE-2014-9390: libgit2: arbitrary command execution vulnerability on case-insensitive file systems
