Computer Security
[EN] securityvulns.ru no-pyccku


dulwich security vulnerabilities
Published:19.04.2015
Source:
SecurityVulns ID:14414
Type:local
Threat Level:
5/10
Description:Code execution, buffer overflow.
Affected:DULWICH : Dulwich 0.9
CVE:CVE-2015-0838 (Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.)
 CVE-2014-9706 (The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3206-1] dulwich security update (19.04.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod