1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
Candidate: CVE-2010-2542
PublicDate: 2010-08-11
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542
Description:
Stack-based buffer overflow in the is_git_directory function in setup.c in
Git before 1.7.2.1 allows local users to gain privileges via a long gitdir:
field in a .git file in a working copy.
Ubuntu-Description:
Notes:
kees> git from hardy and earlier is not what was "git-core".
kees> This is a non-issue due to stack-protector.
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_git-core:
upstream_git-core: not-affected
dapper_git-core: not-affected
hardy_git-core: not-affected
jaunty_git-core: ignored (DoS only)
karmic_git-core: ignored (DoS only)
lucid_git-core: ignored (DoS only)
devel_git-core: DNE
Tags_git: stack-protector
Patches_git:
upstream_git: released (1.7.2)
dapper_git: not-affected (not the same software)
hardy_git: not-affected (not the same software)
jaunty_git: DNE
karmic_git: DNE
lucid_git: DNE
devel_git: ignored (DoS only)
|