Executive Summary

Name MDVSA-2015:169 First vendor Publication 2015-03-30
Vendor Mandriva Last vendor Modification 2015-03-30
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score Not Defined Attack Range Not Defined
Cvss Impact Score Not Defined Attack Complexity Not Defined
Cvss Expoit Score Not Defined Authentication Not Defined
Calculate full CVSS 2.0 Vectors scores


Updated git packages fix security vulnerability:

It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the .git/config file when the client performed a git pull. Because git permitted committing .Git/config (or any case variation), on the pull this would replace the user's .git/config. If this malicious config file contained defined external commands (such as for invoking and editor or an external diff utility) it could allow for the execution of arbitrary code with the privileges of the user running the git client (CVE-2014-9390).

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:169

Alert History

If you want to see full details history, please login or register.
Date Informations
2015-03-31 13:29:48
  • Multiple Updates
2015-03-30 13:30:08
  • First insertion