Please support VectorLinux!

Author Topic: 090224 git-1.6.1.3 closes known security vulnerability [VL 5.9 & VL 6.0]  (Read 3056 times)

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works
The git packages in the extra repositories for VL 5.9 and VL 6.0 have a security vulnerability, a possible stack-based buffer overflow. 

See:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546

UPDATE: Updated git packages for VL 5.9/VL 5.9.1 and VL 6.0 are now available in the testing repositories for each release.
« Last Edit: February 24, 2009, 10:20:01 pm by caitlyn »
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works
UPDATE: The updated version of git is now in the extra repository rather than in testing.  Upgrade/installation via gslapt or slapt-get will now work regardless of whether or not you have testing enabled.
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1