MGASA-2019-0199

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2019-0199.html

Import Source

https://advisories.mageia.org/MGASA-2019-0199.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2019-0199

Related

CVE-2018-19486

Published

2019-06-21T01:07:01Z

Modified

2019-06-21T00:32:44Z

Summary

Updated git packages fix security vulnerability

Details

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017 (CVE-2018-19486).

References

https://advisories.mageia.org/MGASA-2019-0199.html
https://bugs.mageia.org/show_bug.cgi?id=24058

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2019-0199

Affected packages