[El-errata] ELSA-2017-2004 Moderate: Oracle Linux 7 git security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Aug 8 13:50:04 PDT 2017


Oracle Linux Security Advisory ELSA-2017-2004

http://linux.oracle.com/errata/ELSA-2017-2004.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
emacs-git-1.8.3.1-11.el7.noarch.rpm
emacs-git-el-1.8.3.1-11.el7.noarch.rpm
git-1.8.3.1-11.el7.x86_64.rpm
git-all-1.8.3.1-11.el7.noarch.rpm
git-bzr-1.8.3.1-11.el7.noarch.rpm
git-cvs-1.8.3.1-11.el7.noarch.rpm
git-daemon-1.8.3.1-11.el7.x86_64.rpm
git-email-1.8.3.1-11.el7.noarch.rpm
git-gui-1.8.3.1-11.el7.noarch.rpm
git-hg-1.8.3.1-11.el7.noarch.rpm
git-p4-1.8.3.1-11.el7.noarch.rpm
git-svn-1.8.3.1-11.el7.x86_64.rpm
gitk-1.8.3.1-11.el7.noarch.rpm
gitweb-1.8.3.1-11.el7.noarch.rpm
perl-Git-1.8.3.1-11.el7.noarch.rpm
perl-Git-SVN-1.8.3.1-11.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/git-1.8.3.1-11.el7.src.rpm



Description of changes:

[1.8.3.1-11]
- dissalow repo names beginning with dash
   Resolves: CVE-2017-8386

[-1.8.3.1-10]
- do not put unsanitized branch names in $PS1
   Resolves: CVE-2014-9938

[-1.8.3.1-9]
- add control of GSSAPI credential delegation to enable HTTP(S)-SSO
   authentication
   Resolves: #1369173

[1.8.3.1-8]
- remove needles check of xmalloc from previous patch
   Resolves: #1318255

[1.8.3.1-7]
- fix heap overflow CVE-2016-2315 CVE-2016-2324
   Resolves: #1318255





More information about the El-errata mailing list