Your message dated Sat, 19 Mar 2016 21:33:12 +0000
with message-id <e1ahoui-00006d...@franck.debian.org>
and subject line Bug#818318: fixed in git 1:1.7.10.4-1+wheezy3
has caused the Debian Bug report #818318,
regarding git: CVE-2016-2324 and CVE-2016-2315 (currently unpublished) server
and client RCE
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
818318: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818318
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: git
Version: 1:2.7.0-1
Severity: grave
Tags: upstream security
Justification: user security hole
Dear Maintainer,
This was just posted:
http://seclists.org/oss-sec/2016/q1/645
Please upload 2.7.1 ASAP.
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'stable'), (300, 'unstable'), (200,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages git depends on:
ii git-man 1:2.7.0-1
ii libc6 2.21-9
ii libcurl3-gnutls 7.47.0-1
ii liberror-perl 0.17-1.2
ii libexpat1 2.1.0-7
ii libpcre3 2:8.38-3
ii perl-modules-5.22 [perl-modules] 5.22.1-8
ii zlib1g 1:1.2.8.dfsg-2+b1
Versions of packages git recommends:
ii less 481-2.1
ii openssh-client [ssh-client] 1:7.1p2-2
ii patch 2.7.5-1
ii rsync 3.1.1-3
Versions of packages git suggests:
ii gettext-base 0.19.7-2
ii git-arch 1:2.7.0-1
ii git-cvs 1:2.7.0-1
ii git-daemon-sysvinit 1:2.7.0-1
ii git-doc 1:2.7.0-1
ii git-el 1:2.7.0-1
ii git-email 1:2.7.0-1
ii git-gui 1:2.7.0-1
ii git-mediawiki 1:2.7.0-1
ii git-svn 1:2.7.0-1
ii gitk 1:2.7.0-1
ii gitweb 1:2.7.0-1
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: git
Source-Version: 1:1.7.10.4-1+wheezy3
We believe that the bug you reported is fixed in the latest version of
git, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 818...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated git package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 17 Mar 2016 21:48:34 +0100
Source: git
Binary: git git-man git-core git-doc git-arch git-cvs git-svn git-email
git-daemon-run git-daemon-sysvinit git-gui gitk git-el gitweb git-all
Architecture: source amd64 all
Version: 1:1.7.10.4-1+wheezy3
Distribution: wheezy-security
Urgency: high
Maintainer: Gerrit Pape <p...@smarden.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Description:
git - fast, scalable, distributed revision control system
git-all - fast, scalable, distributed revision control system (all subpacka
git-arch - fast, scalable, distributed revision control system (arch interop
git-core - fast, scalable, distributed revision control system (obsolete)
git-cvs - fast, scalable, distributed revision control system (cvs interope
git-daemon-run - fast, scalable, distributed revision control system
(git-daemon s
git-daemon-sysvinit - fast, scalable, distributed revision control system
(git-daemon s
git-doc - fast, scalable, distributed revision control system (documentatio
git-el - fast, scalable, distributed revision control system (emacs suppor
git-email - fast, scalable, distributed revision control system (email add-on
git-gui - fast, scalable, distributed revision control system (GUI)
git-man - fast, scalable, distributed revision control system (manual pages
git-svn - fast, scalable, distributed revision control system (svn interope
gitk - fast, scalable, distributed revision control system (revision tre
gitweb - fast, scalable, distributed revision control system (web interfac
Closes: 818318
Changes:
git (1:1.7.10.4-1+wheezy3) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix remote code execution via buffer overflows (CVE-2016-2315,
CVE-2016-2324) (Closes: #818318)
Checksums-Sha1:
33788d8aa5cdb3580320548039ca2d916ca6e9b7 2633 git_1.7.10.4-1+wheezy3.dsc
e7586bfcc0e59136607fa6c5180305b4f0d67a48 517892 git_1.7.10.4-1+wheezy3.diff.gz
e3a02b37e4ce951002c6b62cdcb7184591e623e8 6688270
git_1.7.10.4-1+wheezy3_amd64.deb
4a9ec4ad79ea65387661a1e23c18519ce1d9c22c 2270342
git-doc_1.7.10.4-1+wheezy3_all.deb
ea777649577a586a1cb04f216e19bef554474354 464662
git-arch_1.7.10.4-1+wheezy3_all.deb
c8606caba8c128ea63c0116c203214ca9a375358 533274
git-cvs_1.7.10.4-1+wheezy3_all.deb
43a5f881ceb315d676071a3bc1389a4edc9a7cc3 520548
git-svn_1.7.10.4-1+wheezy3_all.deb
b61d5271eb018dc381efa386320c54272a1343ef 451460
git-daemon-run_1.7.10.4-1+wheezy3_all.deb
f8ea660afbdd8dab495a94ccb6ae118b3b95cada 452702
git-daemon-sysvinit_1.7.10.4-1+wheezy3_all.deb
d2a45af0a2b90c3a2c30b19f94ec7a6c32046fe0 470014
git-email_1.7.10.4-1+wheezy3_all.deb
45a45d5f2bdf6a22ca813f56da126161fef7bd45 728944
git-gui_1.7.10.4-1+wheezy3_all.deb
9de328311e1c13c07ef65bfbaa9ec1bea8290c2e 578638 gitk_1.7.10.4-1+wheezy3_all.deb
caa65c0766ae19d509fbfd2e94b556a3a694354c 453990
gitweb_1.7.10.4-1+wheezy3_all.deb
cf18b2cc0b6b46cee2ddc9f9971dce3ca2799662 449602
git-all_1.7.10.4-1+wheezy3_all.deb
5c6b71bfd6948fe5fe54163e9a5d4f2f2921985d 1342
git-core_1.7.10.4-1+wheezy3_all.deb
68ddde77d41fa2641ba285441d63b91b1872edfe 472650
git-el_1.7.10.4-1+wheezy3_all.deb
f3c1e75e2ce16ec5fb39c698636c2ce228ed56e9 1074930
git-man_1.7.10.4-1+wheezy3_all.deb
Checksums-Sha256:
98acd10098b85387ec4dbe8c680f220023d627cbf17950133ddb5d15820508ee 2633
git_1.7.10.4-1+wheezy3.dsc
7e116fd683aa6780e03f269c3ffbb33c0feeceeac467b07826481b73a2cd7096 517892
git_1.7.10.4-1+wheezy3.diff.gz
0fcb6ba7fe301375ab7c5e3d4d177e3e13c10311b227ffecbda84bd72ef725e3 6688270
git_1.7.10.4-1+wheezy3_amd64.deb
f838e4fe3c132401943652e441e3702cc0eca7be245b78184ff65e12be4770af 2270342
git-doc_1.7.10.4-1+wheezy3_all.deb
27b5e0b1675e362551db86a44a379d70db612372d9f92392e620c067c2ac82dc 464662
git-arch_1.7.10.4-1+wheezy3_all.deb
143ac0a2863779e198ea47855360fc368533b68ed257e7513821b38e8382e8b9 533274
git-cvs_1.7.10.4-1+wheezy3_all.deb
be725c83e6e868153e0d1ded558f41d1d5eb3329c903b3de83e30bf986cb6f87 520548
git-svn_1.7.10.4-1+wheezy3_all.deb
2c6e8d27505700a905f3752728f3d03643f8c3d29a0e8481199f6efc61b2e033 451460
git-daemon-run_1.7.10.4-1+wheezy3_all.deb
b8dd24c012dd886d67ccf1b38a00289784a8a91b8dee3e35d32b41cf6fe98471 452702
git-daemon-sysvinit_1.7.10.4-1+wheezy3_all.deb
cc6582de22968aa5a24ac5abf3255e2f63547e7dc66da5eb281c9edcf54fc608 470014
git-email_1.7.10.4-1+wheezy3_all.deb
3030d78bad2694c9111ea25a83994fc7edc0b0f06926c772d4b29ea2d48b1a74 728944
git-gui_1.7.10.4-1+wheezy3_all.deb
230c21e389f86226e4e3fd80a22ee903bbaa83b4121568b583b44f5f447016aa 578638
gitk_1.7.10.4-1+wheezy3_all.deb
4c0f15ad8068a91c3b1b5a5489c3a9ca8d28bdee3908575adebfeba678b7b417 453990
gitweb_1.7.10.4-1+wheezy3_all.deb
3b468c789b5e67ec856e5bda089a03241d2b54612143acd918c8c6e4c8b7f1bf 449602
git-all_1.7.10.4-1+wheezy3_all.deb
902cce33a97abee4b4fcf7be2b170a25f64d83a94dde48d0299cade74681fe3b 1342
git-core_1.7.10.4-1+wheezy3_all.deb
750f773046164bea7a040beb58ed220a537273f456a6f9676e47407a23a512c6 472650
git-el_1.7.10.4-1+wheezy3_all.deb
f77339c426a60223f3b28afcded3cdf1827cf1bf46b22a3bb3d370bee2a96bec 1074930
git-man_1.7.10.4-1+wheezy3_all.deb
Files:
6e8ac2a8775bfc09dbd9eea521123347 2633 vcs optional git_1.7.10.4-1+wheezy3.dsc
62a78d51b9b4b85978b1e5a3f3410bf6 517892 vcs optional
git_1.7.10.4-1+wheezy3.diff.gz
4644fefc807d02fd131ac6efc4eced68 6688270 vcs optional
git_1.7.10.4-1+wheezy3_amd64.deb
08d777dd55a57fa59b2647bfb43ca5d1 2270342 doc optional
git-doc_1.7.10.4-1+wheezy3_all.deb
1d2b195dcbf7a22026f7e0406bd6a55d 464662 vcs optional
git-arch_1.7.10.4-1+wheezy3_all.deb
56f3c74b652f08a34f275d3b653af80f 533274 vcs optional
git-cvs_1.7.10.4-1+wheezy3_all.deb
052158651e12d4f5a982291a743fb703 520548 vcs optional
git-svn_1.7.10.4-1+wheezy3_all.deb
d16d12bcdc45f61e7b989ef35486fb01 451460 vcs optional
git-daemon-run_1.7.10.4-1+wheezy3_all.deb
d95c9b0f444c8df132752156d604dc0a 452702 vcs extra
git-daemon-sysvinit_1.7.10.4-1+wheezy3_all.deb
d57e10355ea0aede5ca1eba3e5738dfa 470014 vcs optional
git-email_1.7.10.4-1+wheezy3_all.deb
711036100523ac537db2d6569f8277c9 728944 vcs optional
git-gui_1.7.10.4-1+wheezy3_all.deb
31594cb385fa040d29ef1ba88bbd0cfb 578638 vcs optional
gitk_1.7.10.4-1+wheezy3_all.deb
469f110f6de2557816bfbf12e16a0362 453990 vcs optional
gitweb_1.7.10.4-1+wheezy3_all.deb
017e44320940d350ee87488cd7b4af09 449602 vcs optional
git-all_1.7.10.4-1+wheezy3_all.deb
4c6ce41b988e09b787dc325e1997913b 1342 vcs optional
git-core_1.7.10.4-1+wheezy3_all.deb
605f84fc7787af97362f231ca7eaeb41 472650 vcs optional
git-el_1.7.10.4-1+wheezy3_all.deb
95cd8fe21e469685c854005059d1f35e 1074930 doc optional
git-man_1.7.10.4-1+wheezy3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJW7U1YAAoJEAVMuPMTQ89E/vMP+gMO59lmBrNCKLIX/9jxgNYh
1IfvINGsulIQ7XLXsJwH1+9FgIF4ATiDtmnfIV/OoTEG3ZSuPA4vmx8tg0AUwRY9
rgR+GhFcT6opL0WixQOo8sy4jMvMZMGaCflFA7gQjL0KnsXDkwHI2pv8TqpVdS1S
APhGGIK12KU5v1MdfLoysqWj5wt0lDa6zFjQfn+qP6Dv0Ka5bTNf5/sJn9STxBQE
R4dO+r2tgaEQhlikHZeATH35IckedREf37+5tayHHXz3M5utRHugvjEFmABfG10Y
+3T/Hy2Cy27ab7XUn35LYp3MbfKthHCd50PIjlDOHcgIY6iiXB2GOg57YqX2HlPr
AIn66WidfbyxOE2xPKZeTodXoshi72TkGLjHvvp/RuF9esJmfNabd7t23f1MiQgs
ex3e+wX0byUtNz5gmAzeyz6TbU2tSB9BGs5gPxAp/LRE1nGTWzKJ7DIndZ/lhbjZ
OEJgYweLWBn5AQfG2T8sZdT30PDQDwv+rBoJjUo8bI/R/l3e3oqAUQ8gk6Ad5E/O
P9bf8gbpvK+KqVe3aI7+8iUddMpPSPPYw0wVoaRQobwvjdlRQYUi4+sRsFjlmFPg
ZBmXet1cly69CxfZTKIuXNzkawUBxZ8q5QJwlCzMooXgWTjmsYERlhLjJDEwmyhu
QtF73l4MfR68XaSmeaay
=PBGP
-----END PGP SIGNATURE-----
--- End Message ---