[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [USN-723-1] Git vulnerabilities



===========================================================
Ubuntu Security Notice USN-723-1          February 18, 2009
git-core vulnerabilities
CVE-2008-3546, CVE-2008-5516, CVE-2008-5517, CVE-2008-5916
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  git-core                        1.1.3-1ubuntu1.1

Ubuntu 7.10:
  git-core                        1:1.5.2.5-2ubuntu0.1
  gitweb                          1:1.5.2.5-2ubuntu0.1

Ubuntu 8.04 LTS:
  git-core                        1:1.5.4.3-1ubuntu2.1
  gitweb                          1:1.5.4.3-1ubuntu2.1

Ubuntu 8.10:
  git-core                        1:1.5.6.3-1.1ubuntu2.1
  gitweb                          1:1.5.6.3-1.1ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Git did not properly handle long file paths. If a user
were tricked into performing commands on a specially crafted Git repository, an
attacker could possibly execute arbitrary code with the privileges of the user
invoking the program. (CVE-2008-3546)

It was discovered that the Git web interface (gitweb) did not correctly handle
shell metacharacters when processing certain commands. A remote attacker could
send specially crafted commands to the Git server and execute arbitrary code
with the privileges of the Git web server. This issue only applied to Ubuntu
7.10 and 8.04 LTS. (CVE-2008-5516, CVE-2008-5517)

It was discovered that the Git web interface (gitweb) did not properly restrict
the diff.external configuration parameter. A local attacker could exploit this
issue and execute arbitrary code with the privileges of the Git web server.
This issue only applied to Ubuntu 8.04 LTS and 8.10. (CVE-2008-5916)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.1.3-1ubuntu1.1.diff.gz
      Size/MD5:     8481 84fe19c380b31b7964b6c07a2500afee
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.1.3-1ubuntu1.1.dsc
      Size/MD5:      726 b23292f80d33ee016fcf97a4255dac6d
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.1.3.orig.tar.gz
      Size/MD5:   572735 4527e2a1afe3e30c0dc49455d9445dab

  Architecture independent packages:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-doc_1.1.3-1ubuntu1.1_all.deb
      Size/MD5:   274678 e523f354649e74138b2aec0842bda73e
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-email_1.1.3-1ubuntu1.1_all.deb
      Size/MD5:    10040 099cc4c8d98d641cb8832e1b7d767db2
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/gitk_1.1.3-1ubuntu1.1_all.deb
      Size/MD5:    34830 9467ee72ac93ef0f3417e76b9f7955e1
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-arch_1.1.3-1ubuntu1.1_all.deb
      Size/MD5:    18572 eacf41e5062a143d9d959c0e2a2d4846
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-cvs_1.1.3-1ubuntu1.1_all.deb
      Size/MD5:    17804 8bcbc71667cd93ee00b9b3034c419c43
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-svn_1.1.3-1ubuntu1.1_all.deb
      Size/MD5:    14464 c90c396cdebda9315ec6c567c29da498

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.1.3-1ubuntu1.1_amd64.deb
      Size/MD5:  2175496 6d631f1b04de3816e1a2a2c2401dc527

  i386 architecture (x86 compatible Intel/AMD):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.1.3-1ubuntu1.1_i386.deb
      Size/MD5:  1783188 3dab34c13e1ccbc7e3168e55043bc185

  powerpc architecture (Apple Macintosh G3/G4/G5):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.1.3-1ubuntu1.1_powerpc.deb
      Size/MD5:  2160072 5d23dfdca43d79e68d3c85ca75c87e78

  sparc architecture (Sun SPARC/UltraSPARC):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.1.3-1ubuntu1.1_sparc.deb
      Size/MD5:  1819706 78da61a35bb9ad71a29c84e30bcc311f

Updated packages for Ubuntu 7.10:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.2.5-2ubuntu0.1.diff.gz
      Size/MD5:   144952 d83b395b7bbd2cd749d9aa5d97a83bcd
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.2.5-2ubuntu0.1.dsc
      Size/MD5:      913 6da97e15925a75ff803168fea6b9b925
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.2.5.orig.tar.gz
      Size/MD5:  1413507 4e8de9e56882f3214a92f6d7dc3c49ec

  Architecture independent packages:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-doc_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   784322 965127d18e2f2685946421342cae7ea9
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/gitk_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   177188 cf70b1ef991268ff20fdb35d523195ee
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-arch_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   146538 b9cc1bd6aed014a5fe2ef2ef8b056604
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-cvs_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   175020 fac05c19d5edfd3dc6c81e2c520fbccf
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-daemon-run_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   133082 7f6c05fa7b1d1fd561130efa51435003
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-email_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   140880 e4bf3d8f89f2da703802eb36ef99056e
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-gui_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   187602 d4f2f5db1617926ab91c4fc31d64f461
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-p4_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   137942 8897ec08a8634306f0c6d6fdc3a8d107
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-svn_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   184264 45c79c1291145eba9300f0f9056aa718
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/gitweb_1.5.2.5-2ubuntu0.1_all.deb
      Size/MD5:   173158 25faab173e4ee0b81558ac7dfe0d96f0

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.2.5-2ubuntu0.1_amd64.deb
      Size/MD5:  3973872 de072e080943ef677305b88811e53276

  i386 architecture (x86 compatible Intel/AMD):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.2.5-2ubuntu0.1_i386.deb
      Size/MD5:  3629654 29acb5504bd85ebb88e87262166604b2

  lpia architecture (Low Power Intel Architecture):

    
http://ports.ubuntu.com/pool/main/g/git-core/git-core_1.5.2.5-2ubuntu0.1_lpia.deb
      Size/MD5:  3645624 d14c3238f9dc2a384d962eac1b0b9449

  powerpc architecture (Apple Macintosh G3/G4/G5):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.2.5-2ubuntu0.1_powerpc.deb
      Size/MD5:  4045000 068573efc26e0837b66022fc66bc0bf9

  sparc architecture (Sun SPARC/UltraSPARC):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.2.5-2ubuntu0.1_sparc.deb
      Size/MD5:  3579554 d1d7afe1b703db3e4cb2b488ae880580

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.4.3-1ubuntu2.1.diff.gz
      Size/MD5:   200842 b96d1522b48149c79d6a62a3de9d81d0
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.4.3-1ubuntu2.1.dsc
      Size/MD5:      981 9a433d45bfaff2ec9ae2a927d04e7261
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.4.3.orig.tar.gz
      Size/MD5:  1899555 6311a711eb780b1fbae29e0fd28836bd

  Architecture independent packages:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-doc_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   946188 d88de1a9678fc97e884f2284537ed742
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/gitk_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   249246 8725979f197f27104eef0d33ff0b06c4
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-arch_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   200286 003e106780d0884ac753c8471fbed214
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-cvs_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   231348 d1c81166abd3ed04b2ce1bdcee4a75dd
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-daemon-run_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   186912 b9061c6f28b4ca197d3d00ea4fd338e2
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-email_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   197176 c7c118ff8d0702d773c9c4e8d7fa8680
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-gui_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   353336 c4e57d50553dd1e904f38b29526e2727
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-svn_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   235598 8ab114213531386642eb6829a137ae36
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/gitweb_1.5.4.3-1ubuntu2.1_all.deb
      Size/MD5:   236232 21d1c7191263f03e378e9169e6472fc9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.4.3-1ubuntu2.1_amd64.deb
      Size/MD5:  3354474 305781ff01c0c1f367f1a633702a77e7

  i386 architecture (x86 compatible Intel/AMD):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.4.3-1ubuntu2.1_i386.deb
      Size/MD5:  3080146 27f36ed5dec0e0f02021e3321f8263b0

  lpia architecture (Low Power Intel Architecture):

    
http://ports.ubuntu.com/pool/main/g/git-core/git-core_1.5.4.3-1ubuntu2.1_lpia.deb
      Size/MD5:  3088974 5fd7ebb55e8e332e3e8c68d3b1f4e7e0

  powerpc architecture (Apple Macintosh G3/G4/G5):

    
http://ports.ubuntu.com/pool/main/g/git-core/git-core_1.5.4.3-1ubuntu2.1_powerpc.deb
      Size/MD5:  3451558 22bf0faf3f9dc0c1c0750f4daa86b19e

  sparc architecture (Sun SPARC/UltraSPARC):

    
http://ports.ubuntu.com/pool/main/g/git-core/git-core_1.5.4.3-1ubuntu2.1_sparc.deb
      Size/MD5:  3049674 46582ea0b9edc250d6466670d76c8e35

Updated packages for Ubuntu 8.10:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.6.3-1.1ubuntu2.1.diff.gz
      Size/MD5:   229915 29811f5d42c322f4bde6c774994606c2
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.6.3-1.1ubuntu2.1.dsc
      Size/MD5:     1424 dc616d099eb6d2529d6753568e21f6e0
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.6.3.orig.tar.gz
      Size/MD5:  2098346 26989b6880744ab16f105edaca130777

  Architecture independent packages:

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-doc_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:  1065962 bab74f5f2cebc8193ff9911d3e6ee6b8
    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/gitk_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   297524 7be3c3dfdeaca0227ed5aa48590c628c
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-arch_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   229906 dac7569c86a2f05c08cb12f91b4a71a3
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-cvs_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   265926 5e58bab889279df8a320b175baede8ac
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-daemon-run_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   216678 c2b0eb87e49c5bad4d759cdc32df6f9a
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-email_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   228222 fc4310479b4f014aac3aeae9e1568839
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-gui_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   400460 e26bcff5817aa18d762f47c903db4d3f
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/git-svn_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   267084 14eddade7dbd3a5ad459ba8de8a41929
    
http://security.ubuntu.com/ubuntu/pool/universe/g/git-core/gitweb_1.5.6.3-1.1ubuntu2.1_all.deb
      Size/MD5:   266960 78a3c82420919e6af86533dddaf9e2ee

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.6.3-1.1ubuntu2.1_amd64.deb
      Size/MD5:  3439688 5dc535f599b63db0b0e36fa9d08e3a3c

  i386 architecture (x86 compatible Intel/AMD):

    
http://security.ubuntu.com/ubuntu/pool/main/g/git-core/git-core_1.5.6.3-1.1ubuntu2.1_i386.deb
      Size/MD5:  3162042 b5e9615f4cd16835e9fa59bcc6516faf

  lpia architecture (Low Power Intel Architecture):

    
http://ports.ubuntu.com/pool/main/g/git-core/git-core_1.5.6.3-1.1ubuntu2.1_lpia.deb
      Size/MD5:  3145876 08219da3bab247ac30a2265af7e5a227

  powerpc architecture (Apple Macintosh G3/G4/G5):

    
http://ports.ubuntu.com/pool/main/g/git-core/git-core_1.5.6.3-1.1ubuntu2.1_powerpc.deb
      Size/MD5:  3477660 5c4c917a1e88655ea95e73aa2067b53b

  sparc architecture (Sun SPARC/UltraSPARC):

    
http://ports.ubuntu.com/pool/main/g/git-core/git-core_1.5.6.3-1.1ubuntu2.1_sparc.deb
      Size/MD5:  3101712 97f7607c999059acf15a931da1d675cf


Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/