Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 8 Dec 2015 07:47:21 -0700
From: Kurt Seifried <>
To: oss-security <>, CVE ID Requests <>
Subject: CVE for git issue - please use CVE-2015-7545

With apologies, I can't find the original in my mailbox (3+ months old) but
we've now shipped advisories, had several people ask and not gotten a CVE
yet so here it is:

CVE-2015-7545 Git: Some protocols (like git-remote-ext) can execute
arbitrary code found in the URL

The other HTTP redirect/protocol issues don't seem to be security issues
per se (unexpected/annoying yes, but I can't think of any real security


Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact:

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ