Oracle alert ELSA-2017-2004 (git)

From:
    	     
 
Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 
To:
    	     
 
el-errata@oss.oracle.com 
Subject:
    	     
 
[El-errata] ELSA-2017-2004 Moderate: Oracle Linux 7 git security and bug fix update 
Date:
    	     
 
Tue, 8 Aug 2017 13:50:04 -0700
Message-ID:
    	     
 
<e7b37c84-7a62-4387-e290-da8883ad8302@oracle.com>
Oracle Linux Security Advisory ELSA-2017-2004

http://linux.oracle.com/errata/ELSA-2017-2004.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
emacs-git-1.8.3.1-11.el7.noarch.rpm
emacs-git-el-1.8.3.1-11.el7.noarch.rpm
git-1.8.3.1-11.el7.x86_64.rpm
git-all-1.8.3.1-11.el7.noarch.rpm
git-bzr-1.8.3.1-11.el7.noarch.rpm
git-cvs-1.8.3.1-11.el7.noarch.rpm
git-daemon-1.8.3.1-11.el7.x86_64.rpm
git-email-1.8.3.1-11.el7.noarch.rpm
git-gui-1.8.3.1-11.el7.noarch.rpm
git-hg-1.8.3.1-11.el7.noarch.rpm
git-p4-1.8.3.1-11.el7.noarch.rpm
git-svn-1.8.3.1-11.el7.x86_64.rpm
gitk-1.8.3.1-11.el7.noarch.rpm
gitweb-1.8.3.1-11.el7.noarch.rpm
perl-Git-1.8.3.1-11.el7.noarch.rpm
perl-Git-SVN-1.8.3.1-11.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/git-1.8.3.1-11.el...



Description of changes:

[1.8.3.1-11]
- dissalow repo names beginning with dash
   Resolves: CVE-2017-8386

[-1.8.3.1-10]
- do not put unsanitized branch names in $PS1
   Resolves: CVE-2014-9938

[-1.8.3.1-9]
- add control of GSSAPI credential delegation to enable HTTP(S)-SSO
   authentication
   Resolves: #1369173

[1.8.3.1-8]
- remove needles check of xmalloc from previous patch
   Resolves: #1318255

[1.8.3.1-7]
- fix heap overflow CVE-2016-2315 CVE-2016-2324
   Resolves: #1318255


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata