--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-a9ac6a18d2
2018-10-27 15:55:33.335287
--------------------------------------------------------------------------------
Name : libgit2
Product : Fedora EPEL 7
Version : 0.26.7
Release : 1.el7
URL :
http://libgit2.github.com/
Summary : C implementation of the Git core methods as a library with a solid API
Description :
libgit2 is a portable, pure C implementation of the Git core methods
provided as a re-entrant linkable library with a solid API, allowing
you to write native speed custom Git applications in any language
with bindings.
--------------------------------------------------------------------------------
Update Information:
Update to 0.26.7 (CVE-2018-17456)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1636619 - CVE-2018-17456 git: arbitrary code execution via .gitmodules
https://bugzilla.redhat.com/show_bug.cgi?id=1636619
[ 2 ] Bug #1615585 - CVE-2018-15501 libgit2: out-of-bounds reads when processing
smart-protocol ng packets
https://bugzilla.redhat.com/show_bug.cgi?id=1615585
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update libgit2' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------