Date: Mon, 19 Jan 2009 21:57:03 +0100 From: Florian Weimer <fw@...eb.enyo.de> To: oss-security@...ts.openwall.com Cc: coley@...us.mitre.org Subject: Re: CVE request -- git * Florian Weimer: > could you please assign a CVE for this bug: > > | Current gitweb has a possible local privilege escalation bug that allows a > | malicious repository owner to run a command of his choice by specifying > | diff.external configuration variable in his repository and running a > | crafted gitweb query. > | > | [...] Maintenance release v184.108.40.206, v220.127.116.11, v18.104.22.168 and v22.214.171.124 > | are already available at k.org (see the announcement for v126.96.36.199 I > | sent out a few minutes ago), and the master branch and others pushed > | out tonight have the same fix. [...] > > <http://marc.info/?l=git&m=122975564100860&w=2> Nerver mind, Novell used CVE-2008-5517 for this. Here's our bug summary (the CVE description is somewhat misleading, I think): | Local users with write access to the configuration of a Git repository | served by gitweb could cause gitweb to execute arbitrary shell commands | with the permission of the web server (CVE-2008-5517). In DSA-1708-1, we use CVE-2008-5516 for these issues: http://repo.or.cz/w/git.git?a=commitdiff;h=516381d5 http://repo.or.cz/w/git.git?a=commitdiff;h=c582abae These have been fixed silently quite some time ago (in 1.5.6 and 1.5.5, respectively). (For editorial reasons, the changelog in our DSA contains the previous CVE assignment.)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.