First Last Prev Next    This bug is not in your last search results.
Bug 54569 - libgit2: Multiple issues (4.4)
libgit2: Multiple issues (4.4)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.4
All Linux
: P3 normal (vote)
: UCS 4.4-8-errata
Assigned To: Quality Assurance
Erik Damrose
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-03-21 09:51 CET by Quality Assurance
Modified: 2022-03-23 12:10 CET (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 8.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H) NVD RedHat

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2022-03-21 09:51:19 CET 
New Debian libgit2 0.25.1+really0.24.6-1+deb9u1 fixes:
This update addresses the following issues:
* denial of service (DoS) via crafted repository index files (CVE-2018-8098)
* denial of service (DoS) via crafted repository index files (CVE-2018-8099)
* A flaw was found in libgit2 before version 0.27.3. It has been discovered  that an unexpected sign extension in git_delta_apply function in delta.c  file may lead to an integer overflow which in turn leads to an out of bound  read, allowing to read before the base object. An attacker may use this  flaw to leak memory addresses or cause a Denial of Service.  (CVE-2018-10887)
* A flaw was found in libgit2 before version 0.27.3. A missing check in  git_delta_apply function in delta.c file, may lead to an out-of-bound read  while reading a binary delta file. An attacker may use this flaw to cause a  Denial of Service. (CVE-2018-10888)
* out-of-bounds reads when processing smart-protocol ng packets  (CVE-2018-15501)
* files inside the .git directory may be overwritten during cloning via NTFS  Alternate Data Streams (CVE-2020-12278)
* NTFS protections inactive when running Git in the Windows Subsystem for  Linux (CVE-2020-12279)
Comment 1 Quality Assurance univentionstaff 2022-03-21 10:02:35 CET 
--- mirror/ftp/4.3/unmaintained/4.3-0/source/libgit2_0.25.1+really0.24.6-1.dsc
+++ apt/ucs_4.4-0-errata4.4-8/source/libgit2_0.25.1+really0.24.6-1+deb9u1.dsc
@@ -1,3 +1,19 @@
+0.25.1+really0.24.6-1+deb9u1 [Mon, 07 Mar 2022 04:46:14 +0530] Utkarsh Gupta <utkarsh@debian.org>:
+
+  * Non-maintainer upload by the LTS team.
+  * Add patch to fix potential OOB-read when processing
+    ng packet. (Fixes: CVE-2018-15501)
+  * Add patch to fix out-of-bounds read of delta.
+    (Fixes: CVE-2018-10888)
+  * Add patch to fix sign-extension of big left-shift.
+    (Fixes: CVE-2018-10887)
+  * Add patch to convert read_entry to return entry size
+    via an out-param. (Fixes: CVE-2018-8099)
+  * Add patch to disallow NTFS Alternate Data Stream attacks,
+    even on Linux/macOS. (Fixes: CVE-2020-12278)
+  * Add patch to protect against 8.3 "short name" attacks
+    also on Linux/macOS. (Fixes: CVE-2020-12279)
+
 0.25.1+really0.24.6-1 [Sun, 21 May 2017 18:18:47 +0200] Russell Sim <russell.sim@gmail.com>:
 
   * Revert 0.25.1 in unstable, 0.24.5 was already in unstable 0.25.1 was

<http://piuparts.knut.univention.de/4.4-8/#5394548835315654144>
Comment 2 Erik Damrose univentionstaff 2022-03-22 16:49:23 CET 
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts
First Last Prev Next    This bug is not in your last search results.