ID CVE-2019-1387
Summary An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.
References
Vulnerable Configurations
  • cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.14.5:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.14.5:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.0:-:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.0:-:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.16.5:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.16.5:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.17.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.17.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.17.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.17.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.17.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.17.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.17.2:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.18.0:-:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.18.0:-:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.18.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.18.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.18.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.18.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.18.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.18.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.19.0:-:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.19.0:-:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.19.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.19.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.19.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.19.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.19.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.19.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.20.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.20.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.20.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.20.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.20.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.20.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.22.1:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.22.1:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.21.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:git-scm:git:2.24.0:*:*:*:*:*:*:*
    cpe:2.3:a:git-scm:git:2.24.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 26-06-2024 - 10:15)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1781963
    title CVE-2019-1352 git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment git is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356001
          • comment git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003006
        • AND
          • comment git-all is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356003
          • comment git-all is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003008
        • AND
          • comment git-core is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356005
          • comment git-core is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20194356006
        • AND
          • comment git-core-doc is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356007
          • comment git-core-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20194356008
        • AND
          • comment git-daemon is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356009
          • comment git-daemon is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003012
        • AND
          • comment git-debugsource is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356011
          • comment git-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20194356012
        • AND
          • comment git-email is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356013
          • comment git-email is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003014
        • AND
          • comment git-gui is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356015
          • comment git-gui is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003016
        • AND
          • comment git-instaweb is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356017
          • comment git-instaweb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183408024
        • AND
          • comment git-subtree is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356019
          • comment git-subtree is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20194356020
        • AND
          • comment git-svn is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356021
          • comment git-svn is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003018
        • AND
          • comment gitk is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356023
          • comment gitk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003020
        • AND
          • comment gitweb is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356025
          • comment gitweb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003022
        • AND
          • comment perl-Git is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356027
          • comment perl-Git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003024
        • AND
          • comment perl-Git-SVN is earlier than 0:2.18.2-1.el8_1
            oval oval:com.redhat.rhsa:tst:20194356029
          • comment perl-Git-SVN is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561032
    rhsa
    id RHSA-2019:4356
    released 2019-12-19
    severity Important
    title RHSA-2019:4356: git security update (Important)
  • bugzilla
    id 1781127
    title CVE-2019-1387 git: Remote code execution in recursive clones with nested submodules
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment emacs-git is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124001
          • comment emacs-git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003002
        • AND
          • comment emacs-git-el is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124003
          • comment emacs-git-el is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003004
        • AND
          • comment git is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124005
          • comment git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003006
        • AND
          • comment git-all is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124007
          • comment git-all is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003008
        • AND
          • comment git-bzr is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124009
          • comment git-bzr is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561010
        • AND
          • comment git-cvs is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124011
          • comment git-cvs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003010
        • AND
          • comment git-daemon is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124013
          • comment git-daemon is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003012
        • AND
          • comment git-email is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124015
          • comment git-email is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003014
        • AND
          • comment git-gnome-keyring is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124017
          • comment git-gnome-keyring is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183408018
        • AND
          • comment git-gui is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124019
          • comment git-gui is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003016
        • AND
          • comment git-hg is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124021
          • comment git-hg is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561020
        • AND
          • comment git-instaweb is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124023
          • comment git-instaweb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183408024
        • AND
          • comment git-p4 is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124025
          • comment git-p4 is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561022
        • AND
          • comment git-svn is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124027
          • comment git-svn is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003018
        • AND
          • comment gitk is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124029
          • comment gitk is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003020
        • AND
          • comment gitweb is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124031
          • comment gitweb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003022
        • AND
          • comment perl-Git is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124033
          • comment perl-Git is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20101003024
        • AND
          • comment perl-Git-SVN is earlier than 0:1.8.3.1-21.el7_7
            oval oval:com.redhat.rhsa:tst:20200124035
          • comment perl-Git-SVN is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152561032
    rhsa
    id RHSA-2020:0124
    released 2020-01-16
    severity Important
    title RHSA-2020:0124: git security update (Important)
  • rhsa
    id RHSA-2020:0002
  • rhsa
    id RHSA-2020:0228
rpms
  • git-0:2.18.2-1.el8_1
  • git-all-0:2.18.2-1.el8_1
  • git-core-0:2.18.2-1.el8_1
  • git-core-debuginfo-0:2.18.2-1.el8_1
  • git-core-doc-0:2.18.2-1.el8_1
  • git-daemon-0:2.18.2-1.el8_1
  • git-daemon-debuginfo-0:2.18.2-1.el8_1
  • git-debuginfo-0:2.18.2-1.el8_1
  • git-debugsource-0:2.18.2-1.el8_1
  • git-email-0:2.18.2-1.el8_1
  • git-gui-0:2.18.2-1.el8_1
  • git-instaweb-0:2.18.2-1.el8_1
  • git-subtree-0:2.18.2-1.el8_1
  • git-svn-0:2.18.2-1.el8_1
  • git-svn-debuginfo-0:2.18.2-1.el8_1
  • gitk-0:2.18.2-1.el8_1
  • gitweb-0:2.18.2-1.el8_1
  • perl-Git-0:2.18.2-1.el8_1
  • perl-Git-SVN-0:2.18.2-1.el8_1
  • rh-git218-git-0:2.18.2-1.el7
  • rh-git218-git-all-0:2.18.2-1.el7
  • rh-git218-git-core-0:2.18.2-1.el7
  • rh-git218-git-core-doc-0:2.18.2-1.el7
  • rh-git218-git-cvs-0:2.18.2-1.el7
  • rh-git218-git-daemon-0:2.18.2-1.el7
  • rh-git218-git-debuginfo-0:2.18.2-1.el7
  • rh-git218-git-email-0:2.18.2-1.el7
  • rh-git218-git-gui-0:2.18.2-1.el7
  • rh-git218-git-instaweb-0:2.18.2-1.el7
  • rh-git218-git-p4-0:2.18.2-1.el7
  • rh-git218-git-subtree-0:2.18.2-1.el7
  • rh-git218-git-svn-0:2.18.2-1.el7
  • rh-git218-gitk-0:2.18.2-1.el7
  • rh-git218-gitweb-0:2.18.2-1.el7
  • rh-git218-perl-Git-0:2.18.2-1.el7
  • rh-git218-perl-Git-SVN-0:2.18.2-1.el7
  • emacs-git-0:1.8.3.1-21.el7_7
  • emacs-git-el-0:1.8.3.1-21.el7_7
  • git-0:1.8.3.1-21.el7_7
  • git-all-0:1.8.3.1-21.el7_7
  • git-bzr-0:1.8.3.1-21.el7_7
  • git-cvs-0:1.8.3.1-21.el7_7
  • git-daemon-0:1.8.3.1-21.el7_7
  • git-debuginfo-0:1.8.3.1-21.el7_7
  • git-email-0:1.8.3.1-21.el7_7
  • git-gnome-keyring-0:1.8.3.1-21.el7_7
  • git-gui-0:1.8.3.1-21.el7_7
  • git-hg-0:1.8.3.1-21.el7_7
  • git-instaweb-0:1.8.3.1-21.el7_7
  • git-p4-0:1.8.3.1-21.el7_7
  • git-svn-0:1.8.3.1-21.el7_7
  • gitk-0:1.8.3.1-21.el7_7
  • gitweb-0:1.8.3.1-21.el7_7
  • perl-Git-0:1.8.3.1-21.el7_7
  • perl-Git-SVN-0:1.8.3.1-21.el7_7
  • git-0:2.18.2-1.el8_0
  • git-all-0:2.18.2-1.el8_0
  • git-core-0:2.18.2-1.el8_0
  • git-core-debuginfo-0:2.18.2-1.el8_0
  • git-core-doc-0:2.18.2-1.el8_0
  • git-daemon-0:2.18.2-1.el8_0
  • git-daemon-debuginfo-0:2.18.2-1.el8_0
  • git-debuginfo-0:2.18.2-1.el8_0
  • git-debugsource-0:2.18.2-1.el8_0
  • git-email-0:2.18.2-1.el8_0
  • git-gui-0:2.18.2-1.el8_0
  • git-instaweb-0:2.18.2-1.el8_0
  • git-subtree-0:2.18.2-1.el8_0
  • git-svn-0:2.18.2-1.el8_0
  • git-svn-debuginfo-0:2.18.2-1.el8_0
  • gitk-0:2.18.2-1.el8_0
  • gitweb-0:2.18.2-1.el8_0
  • perl-Git-0:2.18.2-1.el8_0
  • perl-Git-SVN-0:2.18.2-1.el8_0
refmap via4
confirm https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u
fedora FEDORA-2019-1cec196e20
gentoo
  • GLSA-202003-30
  • GLSA-202003-42
misc https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
mlist [debian-lts-announce] 20200123 [SECURITY] [DLA 2059-1] git security update
suse
  • openSUSE-SU-2020:0123
  • openSUSE-SU-2020:0598
Last major update 26-06-2024 - 10:15
Published 18-12-2019 - 21:15
Last modified 26-06-2024 - 10:15
Back to Top