Please Install the Updated Packages.

Git is a fast, scalable, distributed revision control system. It was discovered that Git's git-imap-send command, a tool to send a collection of patches from standard input (stdin) to an IMAP folder, did not properly perform SSL X.509 v3 certificate validation on the IMAP server`s certificate, as it did not ensure that the server`s hostname matched the one provided in the CN field of the server's certificate. A rogue server could use this flaw to conduct man-in-the-middle attacks, possibly leading to the disclosure of sensitive information. (CVE-2013-0308) All git users should upgrade to these updated packages, which contain a backported patch to correct this issue.

git on Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6)

• https://www.redhat.com/archives/rhsa-announce/2013-March/msg00003.html

---

Updated on 2015-03-25