Your submission was sent successfully! Close

CVE-2008-3546

Published: 7 August 2008

Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.

Priority

Low

Status

Package Release Status
git-core
Launchpad, Ubuntu, Debian
dapper
Released (1.1.3-1ubuntu1.1)
feisty Needed
(reached end-of-life)
gutsy
Released (1:1.5.2.5-2ubuntu0.1)
hardy
Released (1:1.5.4.3-1ubuntu2.1)
intrepid
Released (1:1.5.6.3-1.1ubuntu2.1)
upstream
Released (1:1.5.6.3-1.1)