Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 7 Aug 2008 16:40:56 -0400 (EDT)
From: "Steven M. Christey" <>
Subject: Re: CVE id request: git

Name: CVE-2008-3546
Status: Candidate
Reference: MLIST:[git] 20080716 [PATCH] Fix buffer overflow in git diff
Reference: URL:
Reference: CONFIRM:
Reference: BID:30549
Reference: URL:
Reference: FRSIRT:ADV-2008-2306
Reference: URL:
Reference: SECTRACK:1020627
Reference: URL:
Reference: SECUNIA:31347
Reference: URL:

Stack-based buffer overflow in the (1) diff_addremove and (2)
diff_change functions in GIT before might allow local users to
execute arbitrary code via a PATH whose length is larger than the
system's PATH_MAX when running GIT utilities such as git-diff or

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.