SUSE-SU-2019:0024-1

Details

This update for libgit2 fixes the following issues:

Security issues fixed:

CVE-2018-19456: Fixed a code execution by malicious .gitmodules file (bsc#1110949)
various string-to-integer and buffer handling fixes (bsc#1114729).

Affected Packages

libgit2

SUSE Linux Enterprise Software Development Kit 12 SP3SUSE Linux Enterprise Software Development Kit 12 SP4SUSE Manager Server 3.1SUSE Manager Server 3.2

Fixed in:

0.24.1-7.9.1

libgit2-24

SUSE Linux Enterprise Software Development Kit 12 SP3SUSE Linux Enterprise Software Development Kit 12 SP4SUSE Manager Server 3.1SUSE Manager Server 3.2

Fixed in:

0.24.1-7.9.1

References

REPORT

https://bugzilla.suse.com/1110949

REPORT

https://bugzilla.suse.com/1114729

WEB

https://www.suse.com/security/cve/CVE-2018-19456

ADVISORY

https://www.suse.com/support/update/announcement/2019/suse-su-20190024-1/