Laël Cellier discovered that Git incorrectly handled path strings in crafted Git repositories. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking Git. (CVE-2016-2315, CVE-2016-2324)
{ "availability": "No subscription required", "binaries": [ { "git-core": "1:1.9.1-1ubuntu0.3", "git-daemon-run": "1:1.9.1-1ubuntu0.3", "git-email": "1:1.9.1-1ubuntu0.3", "git-mediawiki": "1:1.9.1-1ubuntu0.3", "git": "1:1.9.1-1ubuntu0.3", "git-el": "1:1.9.1-1ubuntu0.3", "git-cvs": "1:1.9.1-1ubuntu0.3", "git-bzr": "1:1.9.1-1ubuntu0.3", "gitk": "1:1.9.1-1ubuntu0.3", "git-doc": "1:1.9.1-1ubuntu0.3", "git-arch": "1:1.9.1-1ubuntu0.3", "git-daemon-sysvinit": "1:1.9.1-1ubuntu0.3", "git-svn": "1:1.9.1-1ubuntu0.3", "git-gui": "1:1.9.1-1ubuntu0.3", "git-man": "1:1.9.1-1ubuntu0.3", "gitweb": "1:1.9.1-1ubuntu0.3", "git-all": "1:1.9.1-1ubuntu0.3" } ] }