[SECURITY] Fedora 11 Update: git-1.6.2.5-1.fc11

Wed Jun 24 19:19:21 UTC 2009

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-6936
2009-06-23 20:29:04
--------------------------------------------------------------------------------

Name        : git
Product     : Fedora 11
Version     : 1.6.2.5
Release     : 1.fc11
URL         : http://git-scm.com/
Summary     : Core git tools
Description :
Git is a fast, scalable, distributed revision control system with an
unusually rich command set that provides both high-level operations
and full access to internals.

The git rpm installs the core tools with minimal dependencies.  To
install all git packages, including tools for integrating with other
SCMs, install the git-all meta-package.

--------------------------------------------------------------------------------
Update Information:

This update fixes a Denial of Service vulnerability in git-daemon.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 19 2009 Todd Zullinger <tmz at pobox.com> - 1.6.2.5-1
- Update to 1.6.2.5
- Fix git-daemon hang on invalid input (CVE-2009-2108, bug 505761)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #505761 - CVE-2009-2108 git daemon Denial of Service with unknown "extra arg" information
        https://bugzilla.redhat.com/show_bug.cgi?id=505761
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update git' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------