Vulnerabilities > CVE-2019-1387 - Unspecified vulnerability in Git-Scm GIT

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
git-scm
nessus

Summary

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-1CEC196E20.NASL
    descriptionPer the upstream release announcement¹, this release fixes
    last seen2020-06-01
    modified2020-06-02
    plugin id132639
    published2020-01-06
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132639
    titleFedora 30 : git (2019-1cec196e20)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2019-1cec196e20.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(132639);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/08");
    
      script_cve_id("CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604");
      script_xref(name:"FEDORA", value:"2019-1cec196e20");
    
      script_name(english:"Fedora 30 : git (2019-1cec196e20)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Per the upstream release announcement¹, this release fixes
    'various security flaws, which allowed an attacker to overwrite
    arbitrary paths, remotely execute code, and/or overwrite files in the
    .git/ directory etc. See the release notes attached for the list for
    their descriptions and CVE identifiers.'
    
    Refer to the 2.14.6 release notes² for details on these
    vulnerabilities.
    
    ¹
    https://lore.kernel.org/git/[email protected]
    / ²
    https://www.kernel.org/pub/software/scm/git/docs/RelNotes/2.14.6.txt
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-1cec196e20"
      );
      # https://lore.kernel.org/git/[email protected]/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?d05d9ca8"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected git package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-19604");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:git");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/01/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^30([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC30", reference:"git-2.21.1-1.fc30")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "git");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2020-0124.NASL
    descriptionAn update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es) : * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id133100
    published2020-01-21
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133100
    titleCentOS 7 : git (CESA-2020:0124)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2020:0124 and 
    # CentOS Errata and Security Advisory 2020:0124 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133100);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/23");
    
      script_cve_id("CVE-2019-1387");
      script_xref(name:"RHSA", value:"2020:0124");
    
      script_name(english:"CentOS 7 : git (CESA-2020:0124)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for git is now available for Red Hat Enterprise Linux 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Git is a distributed revision control system with a decentralized
    architecture. As opposed to centralized version control systems with a
    client-server model, Git ensures that each working copy of a Git
    repository is an exact copy with complete revision history. This not
    only allows the user to work on and contribute to projects without the
    need to have permission to push the changes to their official
    repositories, but also makes it possible for the user to work with no
    network connection.
    
    Security Fix(es) :
    
    * git: Remote code execution in recursive clones with nested
    submodules (CVE-2019-1387)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      # https://lists.centos.org/pipermail/centos-announce/2020-January/035606.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?dd7b17a1"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected git packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1387");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:emacs-git");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:emacs-git-el");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-all");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-bzr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-cvs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-daemon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-email");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-gnome-keyring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-gui");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-hg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-instaweb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-p4");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:git-svn");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gitk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gitweb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Git");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:perl-Git-SVN");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/01/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"emacs-git-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"emacs-git-el-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-all-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-bzr-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-cvs-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-daemon-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-email-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-gnome-keyring-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-gui-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-hg-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-instaweb-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-p4-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"git-svn-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"gitk-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"gitweb-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"perl-Git-1.8.3.1-21.el7_7")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"perl-Git-SVN-1.8.3.1-21.el7_7")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "emacs-git / emacs-git-el / git / git-all / git-bzr / git-cvs / etc");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-202003-30.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-202003-30 (Git: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory. Workaround : There is no known workaround at this time.
    last seen2020-03-24
    modified2020-03-16
    plugin id134607
    published2020-03-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134607
    titleGLSA-202003-30 : Git: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 202003-30.
    #
    # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134607);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/23");
    
      script_cve_id("CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604");
      script_xref(name:"GLSA", value:"202003-30");
    
      script_name(english:"GLSA-202003-30 : Git: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-202003-30
    (Git: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in Git. Please review the
          CVE identifiers referenced below for details.
      
    Impact :
    
        An attacker could possibly overwrite arbitrary paths, execute arbitrary
          code, and overwrite files in the .git directory.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/202003-30"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Git 2.21.x users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-vcs/git-2.21.1'
        All Git 2.23.x users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-vcs/git-2.23.1-r1'
        All Git 2.24.x users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-vcs/git-2.24.1'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-19604");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:git");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-vcs/git", unaffected:make_list("rge 2.21.1", "rge 2.23.1-r1", "rge 2.24.1"), vulnerable:make_list("lt 2.24.1"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Git");
    }
    
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2020-0014_GIT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by a vulnerability: - A flaw was discovered where git improperly validates submodules
    last seen2020-05-15
    modified2020-04-21
    plugin id135761
    published2020-04-21
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135761
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2020-0014)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    # The descriptive text and package checks in this plugin were
    # extracted from ZTE advisory NS-SA-2020-0014. The text
    # itself is copyright (C) ZTE, Inc.
    
    
    include('compat.inc');
    
    if (description)
    {
      script_id(135761);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/23");
    
      script_cve_id("CVE-2019-1387");
    
      script_name(english:"NewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2020-0014)");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote machine is affected by a vulnerability.");
      script_set_attribute(attribute:"description", value:
    "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by a
    vulnerability:
    
      - A flaw was discovered where git improperly validates
        submodules' names used to construct git metadata paths
        and does not prevent them from being nested in existing
        directories used to store another submodule's metadata.
        A remote attacker could abuse this flaw to trick a
        victim user into cloning a malicious repository
        containing submodules, which, when recursively cloned,
        would trigger the flaw and remotely execute code on the
        victim's machine. (CVE-2019-1387)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2020-0014");
      script_set_attribute(attribute:"solution", value:
    "Upgrade the vulnerable CGSL git packages. Note that updated packages may not be available yet. Please contact ZTE for
    more information.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1387");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/04");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/21");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"NewStart CGSL Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/ZTE-CGSL/release");
    if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux");
    
    if (release !~ "CGSL CORE 5.04" &&
        release !~ "CGSL MAIN 5.04")
      audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');
    
    if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu);
    
    flag = 0;
    
    pkgs = {
      "CGSL CORE 5.04": [
        "emacs-git-1.8.3.1-21.el7_7",
        "emacs-git-el-1.8.3.1-21.el7_7",
        "git-1.8.3.1-21.el7_7",
        "git-all-1.8.3.1-21.el7_7",
        "git-bzr-1.8.3.1-21.el7_7",
        "git-cvs-1.8.3.1-21.el7_7",
        "git-daemon-1.8.3.1-21.el7_7",
        "git-debuginfo-1.8.3.1-21.el7_7",
        "git-email-1.8.3.1-21.el7_7",
        "git-gnome-keyring-1.8.3.1-21.el7_7",
        "git-gui-1.8.3.1-21.el7_7",
        "git-hg-1.8.3.1-21.el7_7",
        "git-instaweb-1.8.3.1-21.el7_7",
        "git-p4-1.8.3.1-21.el7_7",
        "git-svn-1.8.3.1-21.el7_7",
        "gitk-1.8.3.1-21.el7_7",
        "gitweb-1.8.3.1-21.el7_7",
        "perl-Git-1.8.3.1-21.el7_7",
        "perl-Git-SVN-1.8.3.1-21.el7_7"
      ],
      "CGSL MAIN 5.04": [
        "emacs-git-1.8.3.1-21.el7_7",
        "emacs-git-el-1.8.3.1-21.el7_7",
        "git-1.8.3.1-21.el7_7",
        "git-all-1.8.3.1-21.el7_7",
        "git-bzr-1.8.3.1-21.el7_7",
        "git-cvs-1.8.3.1-21.el7_7",
        "git-daemon-1.8.3.1-21.el7_7",
        "git-debuginfo-1.8.3.1-21.el7_7",
        "git-email-1.8.3.1-21.el7_7",
        "git-gnome-keyring-1.8.3.1-21.el7_7",
        "git-gui-1.8.3.1-21.el7_7",
        "git-hg-1.8.3.1-21.el7_7",
        "git-instaweb-1.8.3.1-21.el7_7",
        "git-p4-1.8.3.1-21.el7_7",
        "git-svn-1.8.3.1-21.el7_7",
        "gitk-1.8.3.1-21.el7_7",
        "gitweb-1.8.3.1-21.el7_7",
        "perl-Git-1.8.3.1-21.el7_7",
        "perl-Git-SVN-1.8.3.1-21.el7_7"
      ]
    };
    pkg_list = pkgs[release];
    
    foreach (pkg in pkg_list)
      if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "git");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-1121-1.NASL
    descriptionThis update for git fixes the following issues : Security issues fixed : CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted (bsc#1169936) git was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792) Fix git-daemon not starting after conversion from sysvinit to systemd service (bsc#1169605). CVE-2020-5260: Specially crafted URLs with newline characters could have been used to make the Git client to send credential information for a wrong host to the attacker
    last seen2020-05-06
    modified2020-04-29
    plugin id136074
    published2020-04-29
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136074
    titleSUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2020:1121-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2020:1121-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(136074);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id("CVE-2017-15298", "CVE-2018-11233", "CVE-2018-11235", "CVE-2018-17456", "CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1350", "CVE-2019-1351", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1354", "CVE-2019-1387", "CVE-2019-19604", "CVE-2020-11008", "CVE-2020-5260");
    
      script_name(english:"SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2020:1121-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for git fixes the following issues :
    
    Security issues fixed :
    
    CVE-2020-11008: Specially crafted URLs may have tricked the
    credentials helper to providing credential information that is not
    appropriate for the protocol in use and host being contacted
    (bsc#1169936)
    
    git was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792)
    
    Fix git-daemon not starting after conversion from sysvinit to systemd
    service (bsc#1169605).
    
    CVE-2020-5260: Specially crafted URLs with newline characters could
    have been used to make the Git client to send credential information
    for a wrong host to the attacker's site bsc#1168930
    
    git 2.26.0 (bsc#1167890, jsc#SLE-11608) :
    
    'git rebase' now uses a different backend that is based on the 'merge'
    machinery by default. The 'rebase.backend' configuration variable
    reverts to old behaviour when set to 'apply'
    
    Improved handling of sparse checkouts
    
    Improvements to many commands and internal features
    
    git 2.25.2 :
    
    bug fixes to various subcommands in specific operations
    
    git 2.25.1 :
    
    'git commit' now honors advise.statusHints
    
    various updates, bug fixes and documentation updates
    
    git 2.25.0
    
    The branch description ('git branch --edit-description') has been used
    to fill the body of the cover letters by the format-patch command;
    this has been enhanced so that the subject can also be filled.
    
    A few commands learned to take the pathspec from the standard input or
    a named file, instead of taking it as the command line arguments, with
    the '--pathspec-from-file' option.
    
    Test updates to prepare for SHA-2 transition continues.
    
    Redo 'git name-rev' to avoid recursive calls.
    
    When all files from some subdirectory were renamed to the root
    directory, the directory rename heuristics would fail to detect that
    as a rename/merge of the subdirectory to the root directory, which has
    been corrected.
    
    HTTP transport had possible allocator/deallocator mismatch, which has
    been corrected.
    
    git 2.24.1 :
    
    CVE-2019-1348: The --export-marks option of fast-import is exposed
    also via the in-stream command feature export-marks=... and it allows
    overwriting arbitrary paths (bsc#1158785)
    
    CVE-2019-1349: on Windows, when submodules are cloned recursively,
    under certain circumstances Git could be fooled into using the same
    Git directory twice (bsc#1158787)
    
    CVE-2019-1350: Incorrect quoting of command-line arguments allowed
    remote code execution during a recursive clone in conjunction with SSH
    URLs (bsc#1158788)
    
    CVE-2019-1351: on Windows mistakes drive letters outside of the
    US-English alphabet as relative paths (bsc#1158789)
    
    CVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams
    (bsc#1158790)
    
    CVE-2019-1353: when run in the Windows Subsystem for Linux while
    accessing a working directory on a regular Windows drive, none of the
    NTFS protections were active (bsc#1158791)
    
    CVE-2019-1354: on Windows refuses to write tracked files with
    filenames that contain backslashes (bsc#1158792)
    
    CVE-2019-1387: Recursive clones vulnerability that is caused by
    too-lax validation of submodule names, allowing very targeted attacks
    via remote code execution in recursive clones (bsc#1158793)
    
    CVE-2019-19604: a recursive clone followed by a submodule update could
    execute code contained within the repository without the user
    explicitly having asked for that (bsc#1158795)
    
    git 2.24.0
    
    The command line parser learned '--end-of-options' notation.
    
    A mechanism to affect the default setting for a (related) group of
    configuration variables is introduced.
    
    'git fetch' learned '--set-upstream' option to help those who first
    clone from their private fork they intend to push to, add the true
    upstream via 'git remote add' and then 'git fetch' from it.
    
    fixes and improvements to UI, workflow and features, bash completion
    fixes
    
    git 2.23.0 :
    
    The '--base' option of 'format-patch' computed the patch-ids for
    prerequisite patches in an unstable way, which has been updated to
    compute in a way that is compatible with 'git patch-id
    
    --stable'.
    
    The 'git log' command by default behaves as if the --mailmap option
    was given.
    
    fixes and improvements to UI, workflow and features
    
    git 2.22.1
    
    A relative pathname given to 'git init --template=<path> <repo>' ought
    to be relative to the directory 'git init' gets invoked in, but it
    instead was made relative to the repository, which has been corrected.
    </repo></path>
    
    'git worktree add' used to fail when another worktree connected to the
    same repository was corrupt, which has been corrected.
    
    'git am -i --resolved' segfaulted after trying to see a commit as if
    it were a tree, which has been corrected.
    
    'git merge --squash' is designed to update the working tree and the
    index without creating the commit, and this cannot be countermanded by
    adding the '--commit' option; the command now refuses to work when
    both options are given.
    
    Update to Unicode 12.1 width table.
    
    'git request-pull' learned to warn when the ref we ask them to pull
    from in the local repository and in the published repository are
    different.
    
    'git fetch' into a lazy clone forgot to fetch base objects that are
    necessary to complete delta in a thin packfile, which has been
    corrected.
    
    The URL decoding code has been updated to avoid going past the end of
    the string while parsing %-<hex>-<hex> sequence. </hex></hex>
    
    'git clean' silently skipped a path when it cannot lstat() it; now it
    gives a warning.
    
    'git rm' to resolve a conflicted path leaked an internal message
    'needs merge' before actually removing the path, which was confusing.
    This has been corrected.
    
    Many more bugfixes and code cleanups.
    
    removal of SuSEfirewall2 service, since SuSEfirewall2 has been
    replaced by firewalld.
    
    partial fix for git instaweb giving 500 error (bsc#1112230)
    
    git 2.22.0
    
    The filter specification '--filter=sparse:path=<path>' used to create
    a lazy/partial clone has been removed. Using a blob that is part of
    the project as sparse specification is still supported with the
    '--filter=sparse:oid=<blob>' option </blob></path>
    
    'git checkout --no-overlay' can be used to trigger a new mode of
    checking out paths out of the tree-ish, that allows paths that match
    the pathspec that are in the current index and working tree and are
    not in the tree-ish.
    
    Four new configuration variables {author,committer}.{name,email} have
    been introduced to override user.{name,email} in more specific cases.
    
    'git branch' learned a new subcommand '--show-current'.
    
    The command line completion (in contrib/) has been taught to complete
    more subcommand parameters.
    
    The completion helper code now pays attention to repository-local
    configuration (when available), which allows --list-cmds to honour a
    repository specific setting of completion.commands, for example.
    
    The list of conflicted paths shown in the editor while concluding a
    conflicted merge was shown above the scissors line when the clean-up
    mode is set to 'scissors', even though it was commented out just like
    the list of updated paths and other information to help the user
    explain the merge better.
    
    'git rebase' that was reimplemented in C did not set ORIG_HEAD
    correctly, which has been corrected.
    
    'git worktree add' used to do a 'find an available name with stat and
    then mkdir', which is race-prone. This has been fixed by using mkdir
    and reacting to EEXIST in a loop.
    
    Move to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy
    DocBook 4.5 format.
    
    update git-web AppArmor profile for bash and tar usrMerge
    (bsc#1132350)
    
    git 2.21.0
    
    Historically, the '-m' (mainline) option can only be used for 'git
    cherry-pick' and 'git revert' when working with a merge commit. This
    version of Git no longer warns or errors out when working with a
    single-parent commit, as long as the argument to the '-m' option is 1
    (i.e. it has only one parent, and the request is to pick or revert
    relative to that first parent). Scripts that relied on the behaviour
    may get broken with this change.
    
    Small fixes and features for fast-export and fast-import.
    
    The 'http.version' configuration variable can be used with recent
    enough versions of cURL library to force the version of HTTP used to
    talk when fetching and pushing.
    
    'git push $there $src:$dst' rejects when $dst is not a fully qualified
    refname and it is not clear what the end user meant.
    
    Update 'git multimail' from the upstream.
    
    A new date format '--date=human' that morphs its output depending on
    how far the time is from the current time has been introduced.
    '--date=auto:human' can be used to use this new format (or any
    existing format) when the output is going to the pager or to the
    terminal, and otherwise the default format.
    
    Fix worktree creation race (bsc#1114225).
    
    add shadow build dependency to the -daemon subpackage.
    
    git 2.20.1 :
    
    portability fixes
    
    'git help -a' did not work well when an overly long alias was defined
    
    no longer squelched an error message when the run_command API failed
    to run a missing command
    
    git 2.20.0
    
    'git help -a' now gives verbose output (same as 'git help -av'). Those
    who want the old output may say 'git help --no-verbose -a'..
    
    'git send-email' learned to grab address-looking string on any trailer
    whose name ends with '-by'.
    
    'git format-patch' learned new '--interdiff' and '--range-diff'
    options to explain the difference between this version and the
    previous attempt in the cover letter (or after the three-dashes as a
    comment).
    
    Developer builds now use -Wunused-function compilation option.
    
    Fix a bug in which the same path could be registered under multiple
    worktree entries if the path was missing (for instance, was removed
    manually). Also, as a convenience, expand the number of cases in which
    
    --force is applicable.
    
    The overly large Documentation/config.txt file have been split into
    million little pieces. This potentially allows each individual piece
    to be included into the manual page of the command it affects more
    easily.
    
    Malformed or crafted data in packstream can make our code attempt to
    read or write past the allocated buffer and abort, instead of
    reporting an error, which has been fixed.
    
    Fix for a long-standing bug that leaves the index file corrupt when it
    shrinks during a partial commit.
    
    'git merge' and 'git pull' that merges into an unborn branch used to
    completely ignore '--verify-signatures', which has been corrected.
    
    ...and much more features and fixes
    
    git 2.19.2 :
    
    various bug fixes for multiple subcommands and operations
    
    git 2.19.1 :
    
    CVE-2018-17456: Specially crafted .gitmodules files may have allowed
    arbitrary code execution when the repository is cloned with
    
    --recurse-submodules (bsc#1110949)
    
    git 2.19.0 :
    
    'git diff' compares the index and the working tree. For paths added
    with intent-to-add bit, the command shows the full contents of them as
    added, but the paths themselves were not marked as new files. They are
    now shown as new by default.
    
    'git apply' learned the '--intent-to-add' option so that an otherwise
    working-tree-only application of a patch will add new paths to the
    index marked with the 'intent-to-add' bit.
    
    'git grep' learned the '--column' option that gives not just the line
    number but the column number of the hit.
    
    The '-l' option in 'git branch -l' is an unfortunate short-hand for
    '--create-reflog', but many users, both old and new, somehow expect it
    to be something else, perhaps '--list'. This step warns when '-l' is
    used as a short-hand for '--create-reflog' and warns about the future
    repurposing of the it when it is used.
    
    The userdiff pattern for .php has been updated.
    
    The content-transfer-encoding of the message 'git send-email' sends
    out by default was 8bit, which can cause trouble when there is an
    overlong line to bust RFC 5322/2822 limit. A new option 'auto' to
    automatically switch to quoted-printable when there is such a line in
    the payload has been introduced and is made the default.
    
    'git checkout' and 'git worktree add' learned to honor
    checkout.defaultRemote when auto-vivifying a local branch out of a
    remote tracking branch in a repository with multiple remotes that have
    tracking branches that share the same names. (merge 8d7b558bae
    ab/checkout-default-remote later to maint).
    
    'git grep' learned the '--only-matching' option.
    
    'git rebase --rebase-merges' mode now handles octopus merges as well.
    
    Add a server-side knob to skip commits in exponential/fibbonacci
    stride in an attempt to cover wider swath of history with a smaller
    number of iterations, potentially accepting a larger packfile
    transfer, instead of going back one commit a time during common
    ancestor discovery during the 'git fetch' transaction. (merge
    42cc7485a2 jt/fetch-negotiator-skipping later to maint).
    
    A new configuration variable core.usereplacerefs has been added,
    primarily to help server installations that want to ignore the replace
    mechanism altogether.
    
    Teach 'git tag -s' etc. a few configuration variables (gpg.format that
    can be set to 'openpgp' or 'x509', and gpg.<format>.program that is
    used to specify what program to use to deal with the format) to allow
    x.509 certs with CMS via 'gpgsm' to be used instead of openpgp via
    'gnupg'. </format>
    
    Many more strings are prepared for l10n.
    
    'git p4 submit' learns to ask its own pre-submit hook if it should
    continue with submitting.
    
    The test performed at the receiving end of 'git push' to prevent bad
    objects from entering repository can be customized via receive.fsck.*
    configuration variables; we now have gained a counterpart to do the
    same on the 'git fetch' side, with fetch.fsck.* configuration
    variables.
    
    'git pull --rebase=interactive' learned 'i' as a short-hand for
    'interactive'.
    
    'git instaweb' has been adjusted to run better with newer Apache on
    RedHat based distros.
    
    'git range-diff' is a reimplementation of 'git tbdiff' that lets us
    compare individual patches in two iterations of a topic.
    
    The sideband code learned to optionally paint selected keywords at the
    beginning of incoming lines on the receiving end.
    
    'git branch --list' learned to take the default sort order from the
    'branch.sort' configuration variable, just like 'git tag --list' pays
    attention to 'tag.sort'.
    
    'git worktree' command learned '--quiet' option to make it less
    verbose.
    
    git 2.18.0 :
    
    improvements to rename detection logic
    
    When built with more recent cURL, GIT_SSL_VERSION can now specify
    'tlsv1.3' as its value.
    
    'git mergetools' learned talking to guiffy.
    
    various other workflow improvements and fixes
    
    performance improvements and other developer visible fixes
    
    git 2.17.1
    
    Submodule 'names' come from the untrusted .gitmodules file, but we
    blindly append them to $GIT_DIR/modules to create our on-disk repo
    paths. This means you can do bad things by putting '../' into the
    name. We now enforce some rules for submodule names which will cause
    Git to ignore these malicious names (CVE-2018-11235, bsc#1095219)
    
    It was possible to trick the code that sanity-checks paths on NTFS
    into reading random piece of memory (CVE-2018-11233, bsc#1095218)
    
    Support on the server side to reject pushes to repositories that
    attempt to create such problematic .gitmodules file etc. as tracked
    contents, to help hosting sites protect their customers by preventing
    malicious contents from spreading.
    
    git 2.17.0 :
    
    'diff' family of commands learned '--find-object=<object-id>' option
    to limit the findings to changes that involve the named object.
    </object-id>
    
    'git format-patch' learned to give 72-cols to diffstat, which is
    consistent with other line length limits the subcommand uses for its
    output meant for e-mails.
    
    The log from 'git daemon' can be redirected with a new option; one
    relevant use case is to send the log to standard error (instead of
    syslog) when running it from inetd.
    
    'git rebase' learned to take '--allow-empty-message' option.
    
    'git am' has learned the '--quit' option, in addition to the existing
    '--abort' option; having the pair mirrors a few other commands like
    'rebase' and 'cherry-pick'.
    
    'git worktree add' learned to run the post-checkout hook, just like
    'git clone' runs it upon the initial checkout.
    
    'git tag' learned an explicit '--edit' option that allows the message
    given via '-m' and '-F' to be further edited.
    
    'git fetch --prune-tags' may be used as a handy short-hand for getting
    rid of stale tags that are locally held.
    
    The new '--show-current-patch' option gives an end-user facing way to
    get the diff being applied when 'git rebase' (and 'git am') stops with
    a conflict.
    
    'git add -p' used to offer '/' (look for a matching hunk) as a choice,
    even there was only one hunk, which has been corrected. Also the
    single-key help is now given only for keys that are enabled (e.g. help
    for '/' won't be shown when there is only one hunk).
    
    Since Git 1.7.9, 'git merge' defaulted to --no-ff (i.e. even when the
    side branch being merged is a descendant of the current commit, create
    a merge commit instead of fast-forwarding) when merging a tag object.
    This was appropriate default for integrators who pull signed tags from
    their downstream contributors, but caused an unnecessary merges when
    used by downstream contributors who habitually 'catch up' their topic
    branches with tagged releases from the upstream. Update 'git merge' to
    default to --no-ff only when merging a tag object that does *not* sit
    at its usual place in refs/tags/ hierarchy, and allow fast-forwarding
    otherwise, to mitigate the problem.
    
    'git status' can spend a lot of cycles to compute the relation between
    the current branch and its upstream, which can now be disabled with
    '--no-ahead-behind' option.
    
    'git diff' and friends learned funcname patterns for Go language
    source files.
    
    'git send-email' learned '--reply-to=<address>' option. </address>
    
    Funcname pattern used for C# now recognizes 'async' keyword.
    
    In a way similar to how 'git tag' learned to honor the pager setting
    only in the list mode, 'git config' learned to ignore the pager
    setting when it is used for setting values (i.e. when the purpose of
    the operation is not to 'show').
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1063412"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1095218"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1095219"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1110949"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1112230"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1114225"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132350"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1149792"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1156651"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158785"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158787"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158788"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158789"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158790"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158791"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158792"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158793"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1158795"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1167890"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1168930"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1169605"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1169786"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1169936"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-15298/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-11233/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-11235/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-17456/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1348/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1349/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1350/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1351/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1352/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1353/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1354/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-1387/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-19604/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-11008/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-5260/"
      );
      # https://www.suse.com/support/update/announcement/2020/suse-su-20201121-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?47879213"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Module for Open Buildservice Development Tools
    15-SP1 :
    
    zypper in -t patch
    SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1121=1
    
    SUSE Linux Enterprise Module for Development Tools 15-SP1 :
    
    zypper in -t patch
    SUSE-SLE-Module-Development-Tools-15-SP1-2020-1121=1
    
    SUSE Linux Enterprise Module for Basesystem 15-SP1 :
    
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1121=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-19604");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Malicious Git HTTP Server For CVE-2018-17456');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-arch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-core-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-credential-gnome-keyring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-credential-libsecret");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-credential-libsecret-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-cvs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-daemon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-daemon-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-email");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-gui");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-p4");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-svn");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-svn-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:git-web");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gitk");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/14");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/29");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP1", os_ver + " SP" + sp);
    if (os_ver == "SLED15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP1", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-credential-gnome-keyring-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-credential-gnome-keyring-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-credential-libsecret-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-credential-libsecret-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-debugsource-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-p4-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-arch-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-cvs-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-daemon-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-daemon-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-debugsource-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-email-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-gui-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-svn-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-svn-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-web-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"gitk-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-core-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-core-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"git-debugsource-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-credential-gnome-keyring-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-credential-gnome-keyring-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-credential-libsecret-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-credential-libsecret-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-debugsource-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-p4-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-arch-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-cvs-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-daemon-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-daemon-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-debugsource-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-email-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-gui-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-svn-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-svn-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-web-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"gitk-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-core-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-core-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-debuginfo-2.26.1-3.25.2")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"git-debugsource-2.26.1-3.25.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "git");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-202003-42.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-202003-42 (libgit2: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libgit2. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory. Workaround : There is no known workaround at this time.
    last seen2020-03-26
    modified2020-03-20
    plugin id134728
    published2020-03-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134728
    titleGLSA-202003-42 : libgit2: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 202003-42.
    #
    # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134728);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/24");
    
      script_cve_id("CVE-2019-1348", "CVE-2019-1350", "CVE-2019-1387");
      script_xref(name:"GLSA", value:"202003-42");
    
      script_name(english:"GLSA-202003-42 : libgit2: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-202003-42
    (libgit2: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in libgit2. Please review
          the CVE identifiers referenced below for details.
      
    Impact :
    
        An attacker could possibly overwrite arbitrary paths, execute arbitrary
          code, and overwrite files in the .git directory.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/202003-42"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All libgit2 users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-libs/libgit2-0.28.4'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:libgit2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-libs/libgit2", unaffected:make_list("ge 0.28.4"), vulnerable:make_list("lt 0.28.4"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libgit2");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4581.NASL
    descriptionSeveral vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. - CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths. - CVE-2019-1387 It was discovered that submodule names are not validated strictly enough, allowing very targeted attacks via remote code execution when performing recursive clones. - CVE-2019-19604 Joern Schneeweisz reported a vulnerability, where a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that. It is now disallowed for `.gitmodules` to have entries that set `submodule.<name>.update=!command`. In addition this update addresses a number of security issues which are only an issue if git is operating on an NTFS filesystem (CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353 ).
    last seen2020-06-01
    modified2020-06-02
    plugin id131966
    published2019-12-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131966
    titleDebian DSA-4581-1 : git - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4581. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(131966);
      script_version("1.4");
      script_cvs_date("Date: 2019/12/31");
    
      script_cve_id("CVE-2019-1348", "CVE-2019-1349", "CVE-2019-1352", "CVE-2019-1353", "CVE-2019-1387", "CVE-2019-19604");
      script_xref(name:"DSA", value:"4581");
    
      script_name(english:"Debian DSA-4581-1 : git - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been discovered in git, a fast, scalable,
    distributed revision control system.
    
      - CVE-2019-1348
        It was reported that the --export-marks option of git
        fast-import is exposed also via the in-stream command
        feature export-marks=..., allowing to overwrite
        arbitrary paths.
    
      - CVE-2019-1387
        It was discovered that submodule names are not validated
        strictly enough, allowing very targeted attacks via
        remote code execution when performing recursive clones.
    
      - CVE-2019-19604
        Joern Schneeweisz reported a vulnerability, where a
        recursive clone followed by a submodule update could
        execute code contained within the repository without the
        user explicitly having asked for that. It is now
        disallowed for `.gitmodules` to have entries that set
        `submodule.<name>.update=!command`.
    
    In addition this update addresses a number of security issues which
    are only an issue if git is operating on an NTFS filesystem
    (CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353 )."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-1348"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-1387"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-19604"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-1349"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-1352"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2019-1353"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/git"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/git"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/buster/git"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2019/dsa-4581"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the git packages.
    
    For the oldstable distribution (stretch), these problems have been
    fixed in version 1:2.11.0-3+deb9u5.
    
    For the stable distribution (buster), these problems have been fixed
    in version 1:2.20.1-2+deb10u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-19604");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:git");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/12/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"10.0", prefix:"git", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-all", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-cvs", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-daemon-run", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-daemon-sysvinit", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-doc", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-el", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-email", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-gui", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-man", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-mediawiki", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"git-svn", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"gitk", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"gitweb", reference:"1:2.20.1-2+deb10u1")) flag++;
    if (deb_check(release:"9.0", prefix:"git", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-all", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-arch", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-core", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-cvs", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-daemon-run", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-daemon-sysvinit", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-doc", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-el", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-email", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-gui", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-man", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-mediawiki", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"git-svn", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"gitk", reference:"1:2.11.0-3+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"gitweb", reference:"1:2.11.0-3+deb9u5")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1386.NASL
    descriptionAccording to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.(CVE-2019-1387) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2020-04-15
    plugin id135515
    published2020-04-15
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135515
    titleEulerOS 2.0 SP3 : git (EulerOS-SA-2020-1386)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-598.NASL
    descriptionThis update for git fixes the following issues : Security issues fixed : - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted (bsc#1169936) git was updated to 2.26.1 (bsc#1169786, jsc#ECO-1628, bsc#1149792) - Fix git-daemon not starting after conversion from sysvinit to systemd service (bsc#1169605). - CVE-2020-5260: Specially crafted URLs with newline characters could have been used to make the Git client to send credential information for a wrong host to the attacker
    last seen2020-05-08
    modified2020-05-04
    plugin id136311
    published2020-05-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136311
    titleopenSUSE Security Update : git (openSUSE-2020-598)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20200116_GIT_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387)
    last seen2020-05-15
    modified2020-01-17
    plugin id133029
    published2020-01-17
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133029
    titleScientific Linux Security Update : git on SL7.x x86_64 (20200116)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0228.NASL
    descriptionAn update for git is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. The following packages have been upgraded to a later upstream version: git (2.18.2). (BZ#1784057) Security Fix(es) : * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) * git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348) * git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349) * git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id133281
    published2020-01-28
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133281
    titleRHEL 8 : git (RHSA-2020:0228)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1537.NASL
    descriptionAccording to the versions of the git packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a
    last seen2020-05-08
    modified2020-05-01
    plugin id136240
    published2020-05-01
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136240
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : git (EulerOS-SA-2020-1537)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4220-1.NASL
    descriptionJoern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132015
    published2019-12-12
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132015
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : git vulnerabilities (USN-4220-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0124.NASL
    descriptionAn update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es) : * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id133025
    published2020-01-17
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133025
    titleRHEL 7 : git (RHSA-2020:0124)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1325.NASL
    descriptionThe --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348) When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. We now require the directory to be empty.(CVE-2019-1349) Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs. (CVE-2019-1350) While the only permitted drive letters for physical drives on Windows are letters of the US-English alphabet, this restriction does not apply to virtual drives . Git mistook such paths for relative paths, allowing writing outside of the worktree while cloning. (CVE-2019-13510) Git was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be overwritten during a clone.(CVE-2019-1352) When running Git in the Windows Subsystem for Linux (also known as
    last seen2020-06-01
    modified2020-06-02
    plugin id132026
    published2019-12-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132026
    titleAmazon Linux AMI : git (ALAS-2019-1325)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-4356.NASL
    descriptionFrom Red Hat Security Advisory 2019:4356 : An update for git is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. The following packages have been upgraded to a later upstream version: git (2.18.2). (BZ#1784058) Security Fix(es) : * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) * git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348) * git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349) * git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id132381
    published2019-12-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132381
    titleOracle Linux 8 : git (ELSA-2019-4356)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-2059.NASL
    descriptionSeveral vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths. CVE-2019-1387 It was discovered that submodule names are not validated strictly enough, allowing very targeted attacks via remote code execution when performing recursive clones. In addition this update addresses a number of security issues which are only an issue if git is operating on an NTFS filesystem (CVE-2019-1349, CVE-2019-1352 and CVE-2019-1353). For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id133218
    published2020-01-24
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133218
    titleDebian DLA-2059-1 : git security update
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-0124.NASL
    descriptionFrom Red Hat Security Advisory 2020:0124 : An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es) : * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id133021
    published2020-01-17
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133021
    titleOracle Linux 7 : git (ELSA-2020-0124)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1371.NASL
    descriptionGit mistakes some paths for relative paths allowing writing outside of the worktree while cloning (CVE-2019-1351) NTFS protections inactive when running Git in the Windows Subsystem for Linux (CVE-2019-1353) remote code execution in recursive clones with nested submodules (CVE-2019-1387) Arbitrary path overwriting via export-marks command option (CVE-2019-1348) Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352) recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349) Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone (CVE-2019-1350) Git does not refuse to write out tracked files with backlashes in filenames (CVE-2019-1354) Recursive clone followed by a submodule update could execute code contained within repository without the user explicitly consent Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a
    last seen2020-03-26
    modified2019-12-19
    plugin id132259
    published2019-12-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132259
    titleAmazon Linux 2 : git (ALAS-2019-1371)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-9C3D054F39.NASL
    descriptionThis is a security release fixing the following issues : - CVE-2019-1348: the fast-import stream command
    last seen2020-06-01
    modified2020-06-02
    plugin id132084
    published2019-12-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132084
    titleFedora 31 : libgit2 (2019-9c3d054f39)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1361.NASL
    descriptionAccording to the versions of the git packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a
    last seen2020-04-07
    modified2020-04-02
    plugin id135148
    published2020-04-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135148
    titleEulerOS Virtualization for ARM 64 3.0.6.0 : git (EulerOS-SA-2020-1361)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0045-1.NASL
    descriptionThis update for git fixes the following issues : Security issues fixed : CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787). CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795). CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793). CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792). CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791). CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790). CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789). CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788). CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785). Fixes an issue where git send-email failed to authenticate with SMTP server (bsc#1082023) Bug fixes: Add zlib dependency, which used to be provided by openssl-devel, so that package can compile successfully after openssl upgrade to 1.1.1. (bsc#1149792). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132745
    published2020-01-09
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132745
    titleSUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2020:0045-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-123.NASL
    descriptionThis update for git fixes the following issues : Security issues fixed : - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787). - CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795). - CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793). - CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792). - CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791). - CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790). - CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789). - CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788). - CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785). - Fixes an issue where git send-email failed to authenticate with SMTP server (bsc#1082023) Bug fixes : - Add zlib dependency, which used to be provided by openssl-devel, so that package can compile successfully after openssl upgrade to 1.1.1. (bsc#1149792). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id133344
    published2020-01-30
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133344
    titleopenSUSE Security Update : git (openSUSE-2020-123)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-C841BCC3B9.NASL
    descriptionPer the upstream release announcement&sup1;, this release fixes
    last seen2020-06-01
    modified2020-06-02
    plugin id132119
    published2019-12-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132119
    titleFedora 31 : git (2019-c841bcc3b9)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-4356.NASL
    descriptionAn update for git is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. The following packages have been upgraded to a later upstream version: git (2.18.2). (BZ#1784058) Security Fix(es) : * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) * git: Arbitrary path overwriting via export-marks in-stream command feature (CVE-2019-1348) * git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349) * git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id132331
    published2019-12-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132331
    titleRHEL 8 : git (RHSA-2019:4356)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-3311-1.NASL
    descriptionThis update for git fixes the following issues : Security issues fixed : CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787). CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795). CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793). CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792). CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791). CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790). CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789). CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788). CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785). Fixed an issue where git send-email fails to authenticate with SMTP server (bsc#1082023) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132093
    published2019-12-17
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132093
    titleSUSE SLES12 Security Update : git (SUSE-SU-2019:3311-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1151.NASL
    descriptionAccording to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.(CVE-2019-1348) - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka
    last seen2020-05-03
    modified2020-02-25
    plugin id133985
    published2020-02-25
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133985
    titleEulerOS 2.0 SP8 : git (EulerOS-SA-2020-1151)
  • NASL familyWindows : Microsoft Bulletins
    NASL idSMB_NT_MS19_DEC_VISUAL_STUDIO.NASL
    descriptionThe Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. (CVE-2019-1351) - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387) - A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host. An attacker who successfully exploited this vulnerability could cause a connected guest
    last seen2020-03-18
    modified2019-12-10
    plugin id131939
    published2019-12-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131939
    titleSecurity Updates for Microsoft Visual Studio Products (December 2019)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1101.NASL
    descriptionAccording to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka
    last seen2020-05-06
    modified2020-02-24
    plugin id133902
    published2020-02-24
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133902
    titleEulerOS 2.0 SP5 : git (EulerOS-SA-2020-1101)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0992-1.NASL
    descriptionThis update for git fixes the following issues : Security issue fixed : CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host (bsc#1168930). Non-security issue fixed : git was updated to 2.26.0 for SHA256 support (bsc#1167890, jsc#SLE-11608): the xinetd snippet was removed the System V init script for the git-daemon was replaced by a systemd service file of the same name. git 2.26.0:
    last seen2020-04-30
    modified2020-04-15
    plugin id135580
    published2020-04-15
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135580
    titleSUSE SLES12 Security Update : git (SUSE-SU-2020:0992-1)

Redhat

advisories
  • bugzilla
    id1781963
    titleCVE-2019-1352 git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentperl-Git-SVN is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356001
          • commentperl-Git-SVN is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152561012
        • AND
          • commentperl-Git is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356003
          • commentperl-Git is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003012
        • AND
          • commentgitweb is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356005
          • commentgitweb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003014
        • AND
          • commentgitk is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356007
          • commentgitk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003020
        • AND
          • commentgit-gui is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356009
          • commentgit-gui is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003006
        • AND
          • commentgit-email is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356011
          • commentgit-email is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003024
        • AND
          • commentgit-core-doc is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356013
          • commentgit-core-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20194356014
        • AND
          • commentgit-all is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356015
          • commentgit-all is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003010
        • AND
          • commentgit-debugsource is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356017
          • commentgit-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20194356018
        • AND
          • commentgit-svn is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356019
          • commentgit-svn is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003018
        • AND
          • commentgit-subtree is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356021
          • commentgit-subtree is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20194356022
        • AND
          • commentgit-instaweb is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356023
          • commentgit-instaweb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183408014
        • AND
          • commentgit-daemon is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356025
          • commentgit-daemon is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003004
        • AND
          • commentgit-core is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356027
          • commentgit-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20194356028
        • AND
          • commentgit is earlier than 0:2.18.2-1.el8_1
            ovaloval:com.redhat.rhsa:tst:20194356029
          • commentgit is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003002
    rhsa
    idRHSA-2019:4356
    released2019-12-19
    severityImportant
    titleRHSA-2019:4356: git security update (Important)
  • bugzilla
    id1781127
    titleCVE-2019-1387 git: Remote code execution in recursive clones with nested submodules
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentgit-svn is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124001
          • commentgit-svn is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003018
        • AND
          • commentgit-gnome-keyring is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124003
          • commentgit-gnome-keyring is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183408002
        • AND
          • commentgit-daemon is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124005
          • commentgit-daemon is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003004
        • AND
          • commentperl-Git-SVN is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124007
          • commentperl-Git-SVN is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152561012
        • AND
          • commentgitweb is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124009
          • commentgitweb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003014
        • AND
          • commentgitk is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124011
          • commentgitk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003020
        • AND
          • commentgit-p4 is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124013
          • commentgit-p4 is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152561014
        • AND
          • commentgit-instaweb is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124015
          • commentgit-instaweb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183408014
        • AND
          • commentgit-hg is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124017
          • commentgit-hg is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152561022
        • AND
          • commentgit-gui is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124019
          • commentgit-gui is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003006
        • AND
          • commentgit-email is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124021
          • commentgit-email is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003024
        • AND
          • commentgit-cvs is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124023
          • commentgit-cvs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003016
        • AND
          • commentgit-bzr is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124025
          • commentgit-bzr is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152561008
        • AND
          • commentgit-all is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124027
          • commentgit-all is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003010
        • AND
          • commentemacs-git-el is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124029
          • commentemacs-git-el is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003008
        • AND
          • commentemacs-git is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124031
          • commentemacs-git is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003022
        • AND
          • commentperl-Git is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124033
          • commentperl-Git is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003012
        • AND
          • commentgit is earlier than 0:1.8.3.1-21.el7_7
            ovaloval:com.redhat.rhsa:tst:20200124035
          • commentgit is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20101003002
    rhsa
    idRHSA-2020:0124
    released2020-01-16
    severityImportant
    titleRHSA-2020:0124: git security update (Important)
  • rhsa
    idRHSA-2020:0002
  • rhsa
    idRHSA-2020:0228
rpms
  • git-0:2.18.2-1.el8_1
  • git-all-0:2.18.2-1.el8_1
  • git-core-0:2.18.2-1.el8_1
  • git-core-debuginfo-0:2.18.2-1.el8_1
  • git-core-doc-0:2.18.2-1.el8_1
  • git-daemon-0:2.18.2-1.el8_1
  • git-daemon-debuginfo-0:2.18.2-1.el8_1
  • git-debuginfo-0:2.18.2-1.el8_1
  • git-debugsource-0:2.18.2-1.el8_1
  • git-email-0:2.18.2-1.el8_1
  • git-gui-0:2.18.2-1.el8_1
  • git-instaweb-0:2.18.2-1.el8_1
  • git-subtree-0:2.18.2-1.el8_1
  • git-svn-0:2.18.2-1.el8_1
  • git-svn-debuginfo-0:2.18.2-1.el8_1
  • gitk-0:2.18.2-1.el8_1
  • gitweb-0:2.18.2-1.el8_1
  • perl-Git-0:2.18.2-1.el8_1
  • perl-Git-SVN-0:2.18.2-1.el8_1
  • rh-git218-git-0:2.18.2-1.el7
  • rh-git218-git-all-0:2.18.2-1.el7
  • rh-git218-git-core-0:2.18.2-1.el7
  • rh-git218-git-core-doc-0:2.18.2-1.el7
  • rh-git218-git-cvs-0:2.18.2-1.el7
  • rh-git218-git-daemon-0:2.18.2-1.el7
  • rh-git218-git-debuginfo-0:2.18.2-1.el7
  • rh-git218-git-email-0:2.18.2-1.el7
  • rh-git218-git-gui-0:2.18.2-1.el7
  • rh-git218-git-instaweb-0:2.18.2-1.el7
  • rh-git218-git-p4-0:2.18.2-1.el7
  • rh-git218-git-subtree-0:2.18.2-1.el7
  • rh-git218-git-svn-0:2.18.2-1.el7
  • rh-git218-gitk-0:2.18.2-1.el7
  • rh-git218-gitweb-0:2.18.2-1.el7
  • rh-git218-perl-Git-0:2.18.2-1.el7
  • rh-git218-perl-Git-SVN-0:2.18.2-1.el7
  • emacs-git-0:1.8.3.1-21.el7_7
  • emacs-git-el-0:1.8.3.1-21.el7_7
  • git-0:1.8.3.1-21.el7_7
  • git-all-0:1.8.3.1-21.el7_7
  • git-bzr-0:1.8.3.1-21.el7_7
  • git-cvs-0:1.8.3.1-21.el7_7
  • git-daemon-0:1.8.3.1-21.el7_7
  • git-debuginfo-0:1.8.3.1-21.el7_7
  • git-email-0:1.8.3.1-21.el7_7
  • git-gnome-keyring-0:1.8.3.1-21.el7_7
  • git-gui-0:1.8.3.1-21.el7_7
  • git-hg-0:1.8.3.1-21.el7_7
  • git-instaweb-0:1.8.3.1-21.el7_7
  • git-p4-0:1.8.3.1-21.el7_7
  • git-svn-0:1.8.3.1-21.el7_7
  • gitk-0:1.8.3.1-21.el7_7
  • gitweb-0:1.8.3.1-21.el7_7
  • perl-Git-0:1.8.3.1-21.el7_7
  • perl-Git-SVN-0:1.8.3.1-21.el7_7
  • git-0:2.18.2-1.el8_0
  • git-all-0:2.18.2-1.el8_0
  • git-core-0:2.18.2-1.el8_0
  • git-core-debuginfo-0:2.18.2-1.el8_0
  • git-core-doc-0:2.18.2-1.el8_0
  • git-daemon-0:2.18.2-1.el8_0
  • git-daemon-debuginfo-0:2.18.2-1.el8_0
  • git-debuginfo-0:2.18.2-1.el8_0
  • git-debugsource-0:2.18.2-1.el8_0
  • git-email-0:2.18.2-1.el8_0
  • git-gui-0:2.18.2-1.el8_0
  • git-instaweb-0:2.18.2-1.el8_0
  • git-subtree-0:2.18.2-1.el8_0
  • git-svn-0:2.18.2-1.el8_0
  • git-svn-debuginfo-0:2.18.2-1.el8_0
  • gitk-0:2.18.2-1.el8_0
  • gitweb-0:2.18.2-1.el8_0
  • perl-Git-0:2.18.2-1.el8_0
  • perl-Git-SVN-0:2.18.2-1.el8_0

References