openSUSE-SU-2020:0524-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0524-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0524-1
- Related
- Published
- 2020-04-16T08:37:53Z
- Modified
- 2020-04-16T08:37:53Z
- Summary
- Security update for git
- Details
-
This update for git fixes the following issues:
- CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host (bsc#1168930).
This update was imported from the SUSE:SLE-15:Update update project.
- References
Affected packages
openSUSE:Leap 15.1 / git
Package
- Name
- git
- Purl
- purl:rpm/suse/git&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.16.4-lp151.4.6.1
Ecosystem specific
{
"binaries": [
{
"git-core": "2.16.4-lp151.4.6.1",
"git-email": "2.16.4-lp151.4.6.1",
"git": "2.16.4-lp151.4.6.1",
"gitk": "2.16.4-lp151.4.6.1",
"git-credential-gnome-keyring": "2.16.4-lp151.4.6.1",
"git-daemon": "2.16.4-lp151.4.6.1",
"git-doc": "2.16.4-lp151.4.6.1",
"git-cvs": "2.16.4-lp151.4.6.1",
"git-arch": "2.16.4-lp151.4.6.1",
"git-web": "2.16.4-lp151.4.6.1",
"git-p4": "2.16.4-lp151.4.6.1",
"git-credential-libsecret": "2.16.4-lp151.4.6.1",
"git-svn": "2.16.4-lp151.4.6.1",
"git-gui": "2.16.4-lp151.4.6.1"
}
]
}