This bug was fixed in the package git - 1:1.7.9.5-1ubuntu0.3 --------------- git (1:1.7.9.5-1ubuntu0.3) precise-security; urgency=medium
* SECURITY UPDATE: Fix denial of service or possible arbitrary remote code execution (LP: #1557787) - debian/diff/0023-CVE-2016-2315.patch: Be explicit about the amount of memory being copied - CVE-2016-2315 * SECURITY UPDATE: Fix denial of service or possible arbitrary remote code execution - debian/diff/0024-CVE-2016-2324.patch: Use the correct type and maximum size checks when calculating string lengths to prevent integer overflow - CVE-2016-2324 -- Tyler Hicks <tyhi...@canonical.com> Mon, 21 Mar 2016 09:44:42 -0500 ** Changed in: git (Ubuntu Precise) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1557787 Title: client/server RCEs in path_name() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/git/+bug/1557787/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs