CVE-2016-2315 (retired)

Priority
Description
revision.c in git before 2.7.4 uses an incorrect integer data type, which
allows remote attackers to execute arbitrary code via a (1) long filename
or (2) many nested trees, leading to a heap-based buffer overflow.
Assigned-to
tyhicks
Package
Source: git (LP Ubuntu Debian)
Upstream:released (2.7.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:1.9.1-1ubuntu0.3)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:2.7.3-0ubuntu1)
Patches:
Upstream:https://github.com/git/git/commit/34fa79a6cde56d6d428ab0d3160cb094ebad3305
More Information

Updated: 2019-03-26 12:19:19 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)