-
Committer:
Package Import Robot
-
Author(s):
Fabian Greffrath
-
Date:
2014-11-27 16:52:51 UTC
-
mfrom:
(16.1.1 sid)
-
Revision ID:
package-import@ubuntu.com-20141127165251-cx3ma2tzpqicz255
Tags: 1.3.0-3
* Fixes for CVE-2014-8962 and CVE-2014-9028:
+ Backport three patches from upstream GIT repository:
- CVE-2014-8962.patch: Fix a buffer read overflow.
- CVE-2014-9028.patch: Avoid a heap overflow.
- CVE-2014-9028-2.patch: Avoid a heap overflow. Closely related to
the former fix, but strictly speaking not the same vulnerability.
+ Closes: #770918.
+ Thanks Erik de Castro Lopo for the bug report and the upstream fixes!