Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Pat Riehecky <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Moderate: git on SL6.x i386/x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Monday 4th March 2013 22:58:34 UTC (over 3 years ago)
Synopsis:          Moderate: git security update
Issue Date:        2013-03-04
CVE Numbers:       CVE-2013-0308
--

It was discovered that Git's git-imap-send command, a tool to send a
collection of patches from standard input (stdin) to an IMAP folder, did
not properly perform SSL X.509 v3 certificate validation on the IMAP
server's certificate, as it did not ensure that the server's hostname
matched the one provided in the CN field of the server's certificate. A
rogue server could use this flaw to conduct man-in-the-middle attacks,
possibly leading to the disclosure of sensitive information.
(CVE-2013-0308)
--

SL6
   x86_64
     git-1.7.1-3.el6_4.1.x86_64.rpm
     git-daemon-1.7.1-3.el6_4.1.x86_64.rpm
     git-debuginfo-1.7.1-3.el6_4.1.x86_64.rpm
   i386
     git-1.7.1-3.el6_4.1.i686.rpm
     git-daemon-1.7.1-3.el6_4.1.i686.rpm
     git-debuginfo-1.7.1-3.el6_4.1.i686.rpm
   noarch
     emacs-git-1.7.1-3.el6_4.1.noarch.rpm
     emacs-git-el-1.7.1-3.el6_4.1.noarch.rpm
     git-all-1.7.1-3.el6_4.1.noarch.rpm
     git-cvs-1.7.1-3.el6_4.1.noarch.rpm
     git-email-1.7.1-3.el6_4.1.noarch.rpm
     git-gui-1.7.1-3.el6_4.1.noarch.rpm
     git-svn-1.7.1-3.el6_4.1.noarch.rpm
     gitk-1.7.1-3.el6_4.1.noarch.rpm
     gitweb-1.7.1-3.el6_4.1.noarch.rpm
     perl-Git-1.7.1-3.el6_4.1.noarch.rpm

The following packages were added for dependency resolution
SL6
   x86_64
     minizip-1.2.3-29.el6.i686.rpm
     minizip-1.2.3-29.el6.x86_64.rpm
     minizip-devel-1.2.3-29.el6.i686.rpm
     minizip-devel-1.2.3-29.el6.x86_64.rpm
   i386
     minizip-1.2.3-29.el6.i686.rpm
     minizip-devel-1.2.3-29.el6.i686.rpm

- Scientific Linux Development Team
 
CD: 3ms