Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-12-SP1
patchinfo.6332
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.6332
<patchinfo incident="6332"> <issue id="1019037" tracker="bnc">VUL-0: CVE-2016-10130,CVE-2017-5338,CVE-2017-5339: libgit2: MITM possible due to lack of parameter for certificate parameter</issue> <issue id="1019036" tracker="bnc">VUL-0: CVE-2016-10128,CVE-2016-10129: libgit2: edge cases in the Git Smart Protocol can lead to attempting to parse outside of the buffer</issue> <issue id="2016-10130" tracker="cve" /> <issue id="2016-10128" tracker="cve" /> <issue id="2016-10129" tracker="cve" /> <issue id="2017-5339" tracker="cve" /> <issue id="2017-5338" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>sreeves1</packager> <description> This update for libgit2 to version 0.24.6 fixes the following issues: - CVE-2016-10130: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted (bsc#1019037). - CVE-2017-5338: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted (bsc#1019037). - CVE-2017-5339: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted (bsc#1019037). - CVE-2016-10128: Additional sanitization prevent some edge cases in the Git Smart Protocol which can lead to reading outside of a buffer (bsc#1019036). - CVE-2016-10129: Additional sanitization prevent some edge cases in the Git Smart Protocol which can lead to reading outside of a buffer (bsc#1019036). </description> <summary>Security update for libgit2</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor