openSUSE Security Update : cgit (openSUSE-2015-436)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

The git web frontend cgit was updated to 0.11.2 to fix security issues
and bugs.

The following vulnerabilities were fixed :

- CVE-2014-9390: arbitrary command execution vulnerability
on case-insensitive file systems in git. Malicious
commits could affect client users on all platforms using
case-insensitive file systems when using vulnerable git

In addition cgit was updated to 0.11.2 with minor improvements and bug

The embedded git version was updated to 2.4.3.

See also :

Solution :

Update the affected cgit packages.

Risk factor :


Family: SuSE Local Security Checks

Nessus Plugin ID: 84335 ()

Bugtraq ID:

CVE ID: CVE-2014-9390

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now