Lucene search
PRIOn knowledge basePRION:CVE-2014-9706HistoryMar 31, 2015 - 2:59 p.m.
Design/Logic Flaw
2015-03-3114:59:00
PRIOn knowledge base
www.prio-n.com
5
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 7.0 | |
| dulwich | le | 0.9.8 |
References
www.debian.org/security/2015/dsa-3206
www.openwall.com/lists/oss-security/2015/03/21/1
www.openwall.com/lists/oss-security/2015/03/22/26
git.samba.org/?p=jelmer/dulwich.git%3Ba=commitdiff%3Bh=091638be3c89f46f42c3b1d57dc1504af5729176
lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html
lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html
lists.launchpad.net/dulwich-users/msg00827.html
Related
nessus
nessus
Fedora 20 : python-dulwich-0.10.0-1.fc20 (2015-4534)
2015-04-13 00:00:00
Fedora 22 : python-dulwich-0.10.0-1.fc22 (2015-4639)
2015-04-22 00:00:00
Fedora 21 : python-dulwich-0.10.0-1.fc21 (2015-4575)
2015-04-13 00:00:00
openvas
openvas
Fedora Update for python-dulwich FEDORA-2015-4639
2015-07-07 00:00:00
Fedora Update for python-dulwich FEDORA-2015-4534
2015-04-11 00:00:00
Fedora Update for python-dulwich FEDORA-2015-4575
2015-04-11 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: python-dulwich-0.10.0-1.fc21
2015-04-10 07:28:15
[SECURITY] Fedora 22 Update: python-dulwich-0.10.0-1.fc22
2015-04-21 18:52:56
[SECURITY] Fedora 20 Update: python-dulwich-0.10.0-1.fc20
2015-04-10 07:31:45
nvd
nvd
CVE-2014-9706
2015-03-31 14:59:04
debiancve
debiancve
CVE-2014-9706
2015-03-31 14:59:04
github
github
cvelist
cvelist
CVE-2014-9706
2015-03-31 14:00:00
ubuntucve
ubuntucve
CVE-2014-9706
2015-03-31 00:00:00
osv
osv
PYSEC-2015-34
2015-03-31 14:59:00
dulwich - security update
2015-03-28 00:00:00
cve
cve
CVE-2014-9706
2015-03-31 14:59:04
debian
debian
[SECURITY] [DSA 3206-1] dulwich security update
2015-03-28 13:22:01
[SECURITY] [DSA 3206-1] dulwich security update
2015-03-28 13:22:01
securityvulns
securityvulns
dulwich security vulnerabilities
2015-04-19 00:00:00
[SECURITY] [DSA 3206-1] dulwich security update
2015-04-19 00:00:00
mageia
mageia
Updated python-dulwich packages fix security vulnerabilities
2015-04-15 20:22:53