Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "git-core": "1:1.9.1-1ubuntu0.10", "git-daemon-run": "1:1.9.1-1ubuntu0.10", "git-email": "1:1.9.1-1ubuntu0.10", "git-mediawiki": "1:1.9.1-1ubuntu0.10", "git": "1:1.9.1-1ubuntu0.10", "git-el": "1:1.9.1-1ubuntu0.10", "git-cvs": "1:1.9.1-1ubuntu0.10", "git-bzr": "1:1.9.1-1ubuntu0.10", "gitk": "1:1.9.1-1ubuntu0.10", "git-doc": "1:1.9.1-1ubuntu0.10", "git-arch": "1:1.9.1-1ubuntu0.10", "git-daemon-sysvinit": "1:1.9.1-1ubuntu0.10", "git-svn": "1:1.9.1-1ubuntu0.10", "git-gui": "1:1.9.1-1ubuntu0.10", "git-man": "1:1.9.1-1ubuntu0.10", "gitweb": "1:1.9.1-1ubuntu0.10", "git-all": "1:1.9.1-1ubuntu0.10" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "git-core": "1:2.7.4-0ubuntu1.6", "git-daemon-run": "1:2.7.4-0ubuntu1.6", "git-email": "1:2.7.4-0ubuntu1.6", "git-mediawiki": "1:2.7.4-0ubuntu1.6", "git": "1:2.7.4-0ubuntu1.6", "git-el": "1:2.7.4-0ubuntu1.6", "git-cvs": "1:2.7.4-0ubuntu1.6", "git-doc": "1:2.7.4-0ubuntu1.6", "gitk": "1:2.7.4-0ubuntu1.6", "git-arch": "1:2.7.4-0ubuntu1.6", "git-daemon-sysvinit": "1:2.7.4-0ubuntu1.6", "git-svn": "1:2.7.4-0ubuntu1.6", "git-gui": "1:2.7.4-0ubuntu1.6", "git-man": "1:2.7.4-0ubuntu1.6", "gitweb": "1:2.7.4-0ubuntu1.6", "git-all": "1:2.7.4-0ubuntu1.6" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "git-daemon-run": "1:2.17.0-1ubuntu1", "git-email": "1:2.17.0-1ubuntu1", "git-mediawiki": "1:2.17.0-1ubuntu1", "git": "1:2.17.0-1ubuntu1", "git-el": "1:2.17.0-1ubuntu1", "git-cvs": "1:2.17.0-1ubuntu1", "git-doc": "1:2.17.0-1ubuntu1", "gitk": "1:2.17.0-1ubuntu1", "git-dbgsym": "1:2.17.0-1ubuntu1", "git-daemon-sysvinit": "1:2.17.0-1ubuntu1", "git-svn": "1:2.17.0-1ubuntu1", "git-gui": "1:2.17.0-1ubuntu1", "git-man": "1:2.17.0-1ubuntu1", "gitweb": "1:2.17.0-1ubuntu1", "git-all": "1:2.17.0-1ubuntu1" } ] }