CVE-2016-10128

Priority
Medium
Description
Buffer overflow in the git_pkt_parse_line function in
transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before
0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified
impact via a crafted non-flush packet.
References
Package
Upstream:released (0.24.6, 0.25.1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (0.26.0+dfsg.1-1.1build1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (0.26.0+dfsg.1-1.1build1)
More Information

Updated: 2018-09-05 14:14:20 UTC (commit d32ea995d85f96f35c80cb36eb37c749d1e96fe2)