Slackware Advisory SSA:2009-051-02 Git Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2009-051-02.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-051-02

Insight

New git packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546 There are other security issues related to gitweb, which Slackware does not ship, but could be added to a Slackware install. These problems are also fixed with this update. The CVE entries for the gitweb issues may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5516 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5517

Severity

Classification

CVE CVE-2008-3546, CVE-2008-5516, CVE-2008-5517

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Slackware Advisory SSA:2004-124-02 sysklogd update
Slackware Advisory SSA:2003-273-01 OpenSSL security update
Slackware Advisory SSA:2004-223-01 Mozilla
Slackware Advisory SSA:2006-072-01 Slackware 10.1 kdegraphics
Slackware Advisory SSA:2005-189-01 zlib DoS

Slackware Advisory SSA:2009-051-02 git

Take action and discover your vulnerabilities