Security Advisories (4)
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.
- https://libgit2.github.com/security/
- https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834
- https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2
- http://www.openwall.com/lists/oss-security/2017/01/11/6
- http://www.openwall.com/lists/oss-security/2017/01/10/5
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
- http://www.securityfocus.com/bid/95338
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
- https://libgit2.github.com/security/
- https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037
- https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a
- http://www.openwall.com/lists/oss-security/2017/01/11/6
- http://www.openwall.com/lists/oss-security/2017/01/10/5
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
- http://www.securityfocus.com/bid/95339
The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable.
- https://libgit2.github.com/security/
- https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211
- https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22
- http://www.openwall.com/lists/oss-security/2017/01/11/6
- http://www.openwall.com/lists/oss-security/2017/01/10/5
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
- http://www.securityfocus.com/bid/95359
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
- https://rt.cpan.org/Ticket/Display.html?id=143579
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- http://www.openwall.com/lists/oss-security/2022/03/25/2
- http://www.openwall.com/lists/oss-security/2022/03/26/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://github.com/madler/zlib/issues/605
- https://www.debian.org/security/2022/dsa-5111
- https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
- https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- http://seclists.org/fulldisclosure/2022/May/33
- http://seclists.org/fulldisclosure/2022/May/35
- http://seclists.org/fulldisclosure/2022/May/38
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/
NAME
Git::Raw::Object - Git object
VERSION
version 0.72
DESCRIPTION
Git::Raw::Object provides a namespace for object constants.
WARNING: The API of this module is unstable and may change without warning (any change will be appropriately documented in the changelog).
CONSTANTS
ANY
Any
BAD
Invalid
COMMIT
Commit
TREE
Tree (directory listing)
BLOB
File revision (blob)
TAG
Annotated tag
AUTHOR
Jacques Germishuys <jacquesg@striata.com>
LICENSE AND COPYRIGHT
Copyright 2016 Jacques Germishuys.
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.
Module Install Instructions
To install Git::Raw, copy and paste the appropriate command in to your terminal.
cpanm Git::Rawperl -MCPAN -e shell
install Git::RawFor more information on module installation, please visit the detailed CPAN module installation guide.