[Secure-testing-commits] r33028 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Mar 21 09:06:40 UTC 2015
Author: carnil
Date: 2015-03-21 09:06:35 +0000 (Sat, 21 Mar 2015)
New Revision: 33028
Modified:
data/CVE/list
Log:
Add patch reference
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-21 08:27:58 UTC (rev 33027)
+++ data/CVE/list 2015-03-21 09:06:35 UTC (rev 33028)
@@ -10,6 +10,7 @@
TODO: check affected versions
CVE-2014-XXXX [dulwich: does not reject commits with invalid paths]
- dulwich <unfixed>
+ NOTE: Patch: https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176
NOTE: From https://lists.launchpad.net/dulwich-users/msg00827.html, dulwich clone
NOTE: happily clones such a repo with a commit containing .git/hooks/pre-commit
TODO: clarify if same CVE scope as of CVE-2014-9390
More information about the Secure-testing-commits
mailing list