what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 33613

Secunia Security Advisory 33613
Posted Jan 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for git. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to compromise a vulnerable system.

tags | advisory, local, vulnerability
systems | linux, debian
SHA-256 | 341981a7c86ddc44a928088b43bdbac2f85393e0c85eaa08c6e4f16b38aa9e49
Download | Favorite | View

Secunia Security Advisory 33613

Change Mirror Download
----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
https://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Debian update for git

SECUNIA ADVISORY ID:
SA33613

VERIFY ADVISORY:
https://secunia.com/advisories/33613/

CRITICAL:
Highly critical

IMPACT:
Privilege escalation

WHERE:
>From remote

OPERATING SYSTEM:
Debian GNU/Linux 4.0
https://secunia.com/advisories/product/13844/
Debian GNU/Linux unstable alias sid
https://secunia.com/advisories/product/530/

DESCRIPTION:
Debian has issued an update for git. This fixes a security issue and
some vulnerabilities, which can be exploited by malicious, local
users to gain escalated privileges, and by malicious people to
compromise a vulnerable system.

For more information:
SA33270
SA33607

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4.orig.tar.gz
Size/MD5 checksum: 1054130 99bc7ea441226f792b6f796a838e7ef0
https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1.diff.gz
Size/MD5 checksum: 88583 47033ef17360b441eb508094a3ab6b2b
https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1.dsc
Size/MD5 checksum: 1097 b907083d358ff2dc892790569fe3a164

Architecture independent packages:

https://security.debian.org/pool/updates/main/g/git-core/gitweb_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 89094 1dc1b790f989600d62ba2d347d890a43
https://security.debian.org/pool/updates/main/g/git-core/git-daemon-run_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 55504 7d1a4bf7bf17f179f94f513fc56f1ffc
https://security.debian.org/pool/updates/main/g/git-core/git-svn_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 100426 149f0e2dda76e4d7613200d530db9e67
https://security.debian.org/pool/updates/main/g/git-core/gitk_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 99598 800ea1d003baf1e348fda3b661fc16ed
https://security.debian.org/pool/updates/main/g/git-core/git-doc_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 453076 4d102f5051116516cf4cc45b10637871
https://security.debian.org/pool/updates/main/g/git-core/git-email_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 62792 201df12660ca0b6180e5fa3c5e0a3543
https://security.debian.org/pool/updates/main/g/git-core/git-arch_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 68508 1489a2af3d016ff8b1a4c612365870b8
https://security.debian.org/pool/updates/main/g/git-core/git-cvs_1.4.4.4-4+etch1_all.deb
Size/MD5 checksum: 94516 afef0aca9b13d1d50af28cbb0d9cc1aa

alpha architecture (DEC Alpha)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_alpha.deb
Size/MD5 checksum: 3101926 6422c5ad17a7248820c3c27195051b0c

amd64 architecture (AMD x86_64 (AMD64))

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_amd64.deb
Size/MD5 checksum: 2642144 b81b341dce9b234eb193d40decd1283b

arm architecture (ARM)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_arm.deb
Size/MD5 checksum: 2322772 d5c371c8f6f3923edaf880df795870e4

hppa architecture (HP PA RISC)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_hppa.deb
Size/MD5 checksum: 2693958 c519a9e4cfeda0f11fe92e23756c6759

i386 architecture (Intel ia32)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_i386.deb
Size/MD5 checksum: 2340718 94abafaa8e010240a6a2da50ca717217

ia64 architecture (Intel ia64)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_ia64.deb
Size/MD5 checksum: 3815660 9b0970058eecaf9abd12e5cc472d0434

mips architecture (MIPS (Big Endian))

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_mips.deb
Size/MD5 checksum: 2784146 b345d0ffd96b307025924f99fed33e9e

mipsel architecture (MIPS (Little Endian))

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_mipsel.deb
Size/MD5 checksum: 2801244 7067901dea12981db4f09e186888e5b3

powerpc architecture (PowerPC)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_powerpc.deb
Size/MD5 checksum: 2638996 23afd3d0fc61699d0850793c2dbd0047

s390 architecture (IBM S/390)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_s390.deb
Size/MD5 checksum: 2628016 8f29e9b8b465bf570e8ee7bf78e3437d

sparc architecture (Sun SPARC/UltraSPARC)

https://security.debian.org/pool/updates/main/g/git-core/git-core_1.4.4.4-4+etch1_sparc.deb
Size/MD5 checksum: 2301444 93f43ba8edfb78438a6d7d66b96e4816

-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.5.6-1.

ORIGINAL ADVISORY:
DSA-1708-1:
https://lists.debian.org/debian-security-announce/2009/msg00015.html

OTHER REFERENCES:
SA33270:
https://secunia.com/advisories/33270/

SA33607:
https://secunia.com/advisories/33607/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
https://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
https://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close