SUSE-SU-2019:0024-1

Details

Description of the patch:

This update for libgit2 fixes the following issues:

Security issues fixed:

CVE-2018-19456: Fixed a code execution by malicious .gitmodules file (bsc#1110949)
various string-to-integer and buffer handling fixes (bsc#1114729).

Affected Packages

libgit2-24

SUSE Linux Enterprise Software Development Kit 12 SP3SUSE Linux Enterprise Software Development Kit 12 SP4SUSE Manager Server 3.1SUSE Manager Server 3.2

Fixed in:

0.24.1-7.9.1

References

ADVISORY

https://bugzilla.suse.com/1110949

ADVISORY

https://bugzilla.suse.com/1114729

ADVISORY

https://lists.suse.com/pipermail/sle-security-updates/2019-January/005019.html

ADVISORY

https://www.suse.com/security/cve/CVE-2018-19456/

WEB

https://www.suse.com/support/security/rating/

ADVISORY

https://www.suse.com/support/update/announcement/2019/suse-su-20190024-1/