Security Advisories (4)
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.
- https://libgit2.github.com/security/
- https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834
- https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2
- http://www.openwall.com/lists/oss-security/2017/01/11/6
- http://www.openwall.com/lists/oss-security/2017/01/10/5
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
- http://www.securityfocus.com/bid/95338
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
- https://libgit2.github.com/security/
- https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037
- https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a
- http://www.openwall.com/lists/oss-security/2017/01/11/6
- http://www.openwall.com/lists/oss-security/2017/01/10/5
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
- http://www.securityfocus.com/bid/95339
The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable.
- https://libgit2.github.com/security/
- https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211
- https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22
- http://www.openwall.com/lists/oss-security/2017/01/11/6
- http://www.openwall.com/lists/oss-security/2017/01/10/5
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
- http://www.securityfocus.com/bid/95359
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
- https://rt.cpan.org/Ticket/Display.html?id=143579
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- http://www.openwall.com/lists/oss-security/2022/03/25/2
- http://www.openwall.com/lists/oss-security/2022/03/26/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://github.com/madler/zlib/issues/605
- https://www.debian.org/security/2022/dsa-5111
- https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
- https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- http://seclists.org/fulldisclosure/2022/May/33
- http://seclists.org/fulldisclosure/2022/May/35
- http://seclists.org/fulldisclosure/2022/May/38
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/
NAME
Git::Raw::Cert::X509 - Git X509 certificate class
VERSION
version 0.70
DESCRIPTION
A Git::Raw::Cert::X509 object represents a X509 certificate.
WARNING: The API of this module is unstable and may change without warning (any change will be appropriately documented in the changelog).
METHODS
data( )
Data for the certificate.
AUTHOR
Jacques Germishuys <jacquesg@striata.com>
LICENSE AND COPYRIGHT
Copyright 2014 Jacques Germishuys.
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.
Module Install Instructions
To install Git::Raw, copy and paste the appropriate command in to your terminal.
cpanm Git::Rawperl -MCPAN -e shell
install Git::RawFor more information on module installation, please visit the detailed CPAN module installation guide.