Debian: New git-core packages fix buffer overflow

09-15-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Debian: New git-core packages fix buffer overflow

LinuxSecurity.com: Multiple vulnerabilities have been identified in git-core, the core of the git distributed revision control system. Improper path length limitations in git's diff and grep functions, in combination with maliciously crafted repositories or changes, could enable a stack buffer overflow and potentially the execution of arbitrary code.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

GIT-PATCH-ID(1) Git Manual GIT-PATCH-ID(1) NAME
git-patch-id - Compute unique ID for a patch SYNOPSIS
git patch-id < <patch> DESCRIPTION
A "patch ID" is nothing but a SHA1 of the diff associated with a patch, with whitespace and line numbers ignored. As such, it's "reasonably stable", but at the same time also reasonably unique, i.e., two patches that have the same "patch ID" are almost guaranteed to be the same thing. IOW, you can use this thing to look for likely duplicate commits. When dealing with git diff-tree output, it takes advantage of the fact that the patch is prefixed with the object name of the commit, and outputs two 40-byte hexadecimal strings. The first string is the patch ID, and the second string is the commit ID. This can be used to make a mapping from patch ID to commit ID. OPTIONS
<patch> The diff to create the ID of. AUTHOR
Written by Linus Torvalds <torvalds@osdl.org[1]> DOCUMENTATION
Documentation by Junio C Hamano and the git-list <git@vger.kernel.org[2]>. GIT
Part of the git(1) suite NOTES
1. torvalds@osdl.org mailto:torvalds@osdl.org 2. git@vger.kernel.org mailto:git@vger.kernel.org Git 1.7.1 07/05/2010 GIT-PATCH-ID(1)

Security Advisories (RSS)

Debian: New git-core packages fix buffer overflow

LEARN ABOUT SUSE

git-patch-id