Wind River Support Network

HomeDefectsLIN8-2824
Fixed

LIN8-2824 : Security Advisory - git - CVE-2015-7545

Created: Feb 22, 2016    Updated: Dec 3, 2018
Resolved Date: Feb 29, 2016
Found In Version: 8.0
Fix Version: 8.0.0.3
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

The following issue was fixed in Git version 2.6.1:

* Some protocols (like git-remote-ext) can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources (e.g., .gitmodules files in a remote repository), and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to well known and safe ones.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7545

Other Downloads


CVEs


Live chat
Online