Bug 477523 (CVE-2008-5916) - git: gitweb local privilege escalation
Summary: git: gitweb local privilege escalation
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2008-5916
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-12-21 15:13 UTC by Tomas Hoger
Modified: 2013-01-10 10:28 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-01-12 14:16:03 UTC


Attachments (Terms of Use)

Description Tomas Hoger 2008-12-21 15:13:08 UTC
Git upstream released new maintenance releases fixing local privilege escalation flaw in gitweb.  Quoting upstream announcement:

  Current gitweb has a possible local privilege escalation bug that allows a
  malicious repository owner to run a command of his choice by specifying
  diff.external configuration variable in his repository and running a
  crafted gitweb query.

  Recent (post 1.4.3) gitweb itself never generates a link that would result
  in such a query, and the safest and cleanest fix to this issue is to
  simply drop the support for it.

http://article.gmane.org/gmane.comp.version-control.git/103624

Fixed upstream in: v1.6.0.6, v1.5.6.6, v1.5.5.6 and v1.5.4.7

Comment 1 Fedora Update System 2008-12-21 23:39:37 UTC
git-1.5.6.6-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 2 Fedora Update System 2008-12-21 23:39:47 UTC
git-1.5.4.3-3.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 3 Fedora Update System 2008-12-21 23:41:21 UTC
git-1.6.0.6-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.