VectorLinux

Please login or register.

Login with username, password and session length
Advanced search  

News:

Visit our home page for VL info. For support and documentation, visit the Vector Linux Knowledge Center or search the Knowledge Center and this Forum using the search box above.

Author Topic: 090224 git-1.6.1.3 closes known security vulnerability [VL 5.9 & VL 6.0]  (Read 3101 times)

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works

The git packages in the extra repositories for VL 5.9 and VL 6.0 have a security vulnerability, a possible stack-based buffer overflow. 

See:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546

UPDATE: Updated git packages for VL 5.9/VL 5.9.1 and VL 6.0 are now available in the testing repositories for each release.
« Last Edit: February 24, 2009, 10:20:01 pm by caitlyn »
Logged
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works

UPDATE: The updated version of git is now in the extra repository rather than in testing.  Upgrade/installation via gslapt or slapt-get will now work regardless of whether or not you have testing enabled.
Logged
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1