[El-errata] ELSA-2017-2004 Moderate: Oracle Linux 7 git security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Aug 8 13:50:04 PDT 2017
Oracle Linux Security Advisory ELSA-2017-2004
http://linux.oracle.com/errata/ELSA-2017-2004.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
emacs-git-1.8.3.1-11.el7.noarch.rpm
emacs-git-el-1.8.3.1-11.el7.noarch.rpm
git-1.8.3.1-11.el7.x86_64.rpm
git-all-1.8.3.1-11.el7.noarch.rpm
git-bzr-1.8.3.1-11.el7.noarch.rpm
git-cvs-1.8.3.1-11.el7.noarch.rpm
git-daemon-1.8.3.1-11.el7.x86_64.rpm
git-email-1.8.3.1-11.el7.noarch.rpm
git-gui-1.8.3.1-11.el7.noarch.rpm
git-hg-1.8.3.1-11.el7.noarch.rpm
git-p4-1.8.3.1-11.el7.noarch.rpm
git-svn-1.8.3.1-11.el7.x86_64.rpm
gitk-1.8.3.1-11.el7.noarch.rpm
gitweb-1.8.3.1-11.el7.noarch.rpm
perl-Git-1.8.3.1-11.el7.noarch.rpm
perl-Git-SVN-1.8.3.1-11.el7.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/git-1.8.3.1-11.el7.src.rpm
Description of changes:
[1.8.3.1-11]
- dissalow repo names beginning with dash
Resolves: CVE-2017-8386
[-1.8.3.1-10]
- do not put unsanitized branch names in $PS1
Resolves: CVE-2014-9938
[-1.8.3.1-9]
- add control of GSSAPI credential delegation to enable HTTP(S)-SSO
authentication
Resolves: #1369173
[1.8.3.1-8]
- remove needles check of xmalloc from previous patch
Resolves: #1318255
[1.8.3.1-7]
- fix heap overflow CVE-2016-2315 CVE-2016-2324
Resolves: #1318255
More information about the El-errata
mailing list