-
Bug
-
Resolution: Fixed
-
Medium
-
None
As outlined in http://seclists.org/oss-sec/2016/q1/645 , we are potentially vulnerable to remote code execution (the actual bugs trigger heap overflow) as sourcetree for windows bundles version 2.7.3 of git.
Update to a version of git that addresses CVE-2016-2324 and CVE‑2016‑2315 (git 2.4.11, 2.5.5, 2.6.6 and 2.7.4 all have the fix).
- is related to
-
-
- Closed
-
-
SCT-2946 Failed to load
- mentioned in
-
Page
Failed to load
[SRCTREEWIN-5285] Update to a version of git that contains a fix for CVE-2016-2324 and CVE‑2016‑2315
| Workflow | Original: JAC Bug Workflow v3 [ 3454003 ] | New: SRCTREE JAC Bug Workflow [ 3743494 ] |
| Workflow | Original: SourceTree Bug Workflow [ 1148818 ] | New: JAC Bug Workflow v3 [ 3454003 ] |
| Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
| Security | Original: Reporter and Atlassian Staff [ 10751 ] |
| Remote Link | New: This issue links to "SCT-2946 (Atlassian JIRA Extranet - Special Projects)" [ 167212 ] |
| Remote Link | Original: This issue links to "Page (Extranet)" [ 167029 ] |
| Remote Link | New: This issue links to "Page (Extranet)" [ 167029 ] |
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: In Progress [ 3 ] | New: Resolved [ 5 ] |
| Fix Version/s | New: 1.8.3 [ 61393 ] |
| Fix Version/s | Original: 1.8.2.12 [ 61497 ] |
| Labels | Original: CVE-2016-2324 CVE‑2016‑2315 security | New: CVE-2016-2324 CVE‑2016‑2315 cvss-high security |