Red Hat Bugzilla – Bug 862035
CVE-2012-4465 cgit: specially-crafted commit can trigger a heap-based buffer overflow
Last modified: 2016-03-04 06:53:32 EST
It was reported that cgit suffers from a heap-based buffer overflow flaw that could lead to a denial of service or, possibly (albeit unlikely, as the second report indicates), a remote shell.
This has not yet been fixed upstream, but a patch is available.
Created cgit tracking bugs for this issue
Affects: epel-all [bug 862037]
This was assigned the name CVE-2012-4465: