Uploaded image for project: 'Sourcetree for Windows'
  1. Sourcetree for Windows
  2. SRCTREEWIN-5285

Update to a version of git that contains a fix for CVE-2016-2324 and CVE‑2016‑2315

    XMLWordPrintable

Details

    Description

      As outlined in http://seclists.org/oss-sec/2016/q1/645 , we are potentially vulnerable to remote code execution (the actual bugs trigger heap overflow) as sourcetree for windows bundles version 2.7.3 of git.

      Update to a version of git that addresses CVE-2016-2324 and CVE‑2016‑2315 (git 2.4.11, 2.5.5, 2.6.6 and 2.7.4 all have the fix).

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. SRCTREE-3641 Update to a version of git that contains a fix for CVE-2016-2324 and CVE‑2016‑2315

          • Medium - Medium priority issues
          • Closed

          SCT-2946 Loading...

          mentioned in

          Page Loading...

          Activity

            People

              mminns minnsey
              dblack David Black
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: