| Release | Version |
|---|---|
| wheezy | 1:1.7.10.4-1+wheezy3 |
| wheezy (security) | 1:1.7.10.4-1+wheezy5 |
| jessie | 1:2.1.4-2.1+deb8u3 |
| jessie (security) | 1:2.1.4-2.1+deb8u4 |
| stretch | 1:2.11.0-3 |
| stretch (security) | 1:2.11.0-3+deb9u1 |
| buster | 1:2.14.1-3 |
| sid | 1:2.14.1-3 |
| Bug | wheezy | jessie | stretch | buster | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2014-9390 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | arbitrary command execution vulnerability on case-insensitive file systems |
| Bug | Description |
|---|---|
| CVE-2017-8386 | git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before ... |
| CVE-2017-1000117 | |
| CVE-2016-2324 | Integer overflow in Git before 2.7.4 allows remote attackers to ... |
| CVE-2016-2315 | revision.c in git before 2.7.4 uses an incorrect integer data type, ... |
| CVE-2015-7545 | The (1) git-remote-ext and (2) unspecified other remote helper ... |
| CVE-2014-9938 | contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize ... |
| CVE-2013-0308 | The imap-send command in GIT before 1.8.1.4 does not verify that the ... |
| CVE-2010-3906 | Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier ... |
| DSA / DLA | Description |
|---|---|
| DLA-1068-1 | git - security update |
| DSA-3934-1 | git - security update |
| DSA-3934-1 | git - security update |
| DSA-3848-1 | git - security update |
| DLA-938-1 | git - security update |
| DSA-3521-1 | git - security update |
| DSA-3521-1 | git - security update |
| DSA-3435-1 | git - security update |
| DSA-3435-1 | git - security update |