[Secure-testing-commits] r33030 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Mar 21 09:29:15 UTC 2015
Author: carnil
Date: 2015-03-21 09:29:14 +0000 (Sat, 21 Mar 2015)
New Revision: 33030
Modified:
data/CVE/list
Log:
Update information for dulwich issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-21 09:10:36 UTC (rev 33029)
+++ data/CVE/list 2015-03-21 09:29:14 UTC (rev 33030)
@@ -11,9 +11,7 @@
CVE-2014-XXXX [dulwich: does not reject commits with invalid paths]
- dulwich <unfixed>
NOTE: Patch: https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176
- NOTE: From https://lists.launchpad.net/dulwich-users/msg00827.html, dulwich clone
- NOTE: happily clones such a repo with a commit containing .git/hooks/pre-commit
- TODO: clarify if same CVE scope as of CVE-2014-9390
+ NOTE: CVE Requests: http://www.openwall.com/lists/oss-security/2015/03/21/1
CVE-2015-2348
RESERVED
CVE-2015-2347
More information about the Secure-testing-commits
mailing list