Headline
RHSA-2023:3192: Red Hat Security Advisory: git security update
An update for git is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-25652: A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to
git apply --reject
; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch. - CVE-2023-25815: A vulnerability was found in Git. This security flaw occurs when Git compiles with runtime prefix support and runs without translated messages, and it still uses the gettext machinery to display messages, which subsequently looks for translated messages in unexpected places. This flaw allows the malicious placement of crafted messages.
- CVE-2023-29007: A vulnerability was found in Git. This security flaw occurs when renaming or deleting a section from a configuration file, where certain malicious configuration values may be misinterpreted as the beginning of a new configuration section. This flaw leads to arbitrary configuration injection.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-05-17
Updated:
2023-05-17
RHSA-2023:3192 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: git security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for git is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Security Fix(es):
- git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (CVE-2023-25652)
- git: arbitrary configuration injection when renaming or deleting a section from a configuration file (CVE-2023-29007)
- git: malicious placement of crafted messages when git was compiled with runtime prefix (CVE-2023-25815)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2188333 - CVE-2023-25652 git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
- BZ - 2188337 - CVE-2023-25815 git: malicious placement of crafted messages when git was compiled with runtime prefix
- BZ - 2188338 - CVE-2023-29007 git: arbitrary configuration injection when renaming or deleting a section from a configuration file
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM
git-2.18.4-3.el8_1.src.rpm
SHA-256: 22f976669be7f68a6c1bd7be486e7f9367ecb2615b6d571dfb9693d5c4de590f
ppc64le
git-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: f4dde2d0b1c84b989bcff49d2c9749e1e8ad88bc9c0f71badcfb16754786897d
git-all-2.18.4-3.el8_1.noarch.rpm
SHA-256: 2788ee8cdc5976e7aeb963c43c932664cf7c510b4c35f2b1ee64b7d800b29190
git-core-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: aa8dd3a09c55797e5b0bfcf334e86be8b0ae1d561e30c65bc20f9e3f9a2dd5eb
git-core-debuginfo-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: 799c852071ceef079833dbd04ec41ebb0fc70cfc994638f79cb6e87b427eee78
git-core-doc-2.18.4-3.el8_1.noarch.rpm
SHA-256: 13692503fac2a720b9622fe89ffe9978977b6bfacd51fffc39c96e429942e210
git-daemon-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: f97fa617c1021cbbb525343c060eb5aae59ec3a51a768daf85278a584e092295
git-daemon-debuginfo-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: ef9cf18a0f7897f6be993475a763fbdee1097d31398a78f26cf96fb978cdd4b6
git-debuginfo-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: ff6d25563ef31a505271d9e4bc1b6618c7a773edc2b7d2d30133f0dd6aceaee5
git-debugsource-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: deb73aaf9aad3060f5603630b6b2614c33777c7531748262ea9ca9b515c1a326
git-email-2.18.4-3.el8_1.noarch.rpm
SHA-256: 98ce45e5d91163f4d5adc961d7d303a50fccf05a0251b8f607d1210848fe2735
git-gui-2.18.4-3.el8_1.noarch.rpm
SHA-256: da44559ff81533cd675d481ad8da52fc7c74a8c2c1fb7e8c4c298373d96a8d52
git-instaweb-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: ca6bfd06ddd87a22aa628d4895aef40c95e0e284b734982b550e2e659f50da57
git-subtree-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: 558899726a6ccb5dbf95e8f70bd9ded9192bb7a4d0b331e3ac98947ca1fd3e3d
git-svn-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: 6175d5e0588593220ec936ab90a7bf1e0fae1eb2986ced1758c3e6d70e287eeb
git-svn-debuginfo-2.18.4-3.el8_1.ppc64le.rpm
SHA-256: c7fd3601c2cba0aa4175d021e2bdbc43186a31ab2171e7ef8a6e1bfa81fe9106
gitk-2.18.4-3.el8_1.noarch.rpm
SHA-256: 8a0f122661f6b292784619b420a037b89545bc3d51c0a5608921ea86f9109dcc
gitweb-2.18.4-3.el8_1.noarch.rpm
SHA-256: b99fbecce82099126c39006228b5ad715c4cfa9e5868cd68ed4dbda76d418ac6
perl-Git-2.18.4-3.el8_1.noarch.rpm
SHA-256: d3723cac79298cb401ce3e6c23a3b57dae25797161efc2ede0a5fed6b5e76276
perl-Git-SVN-2.18.4-3.el8_1.noarch.rpm
SHA-256: c748f7b40106abb3f8db126c948fb5527a99b80c2e5a2d35dd10cd65789bd7d0
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1
SRPM
git-2.18.4-3.el8_1.src.rpm
SHA-256: 22f976669be7f68a6c1bd7be486e7f9367ecb2615b6d571dfb9693d5c4de590f
x86_64
git-2.18.4-3.el8_1.x86_64.rpm
SHA-256: ad74671dead401dd1e49ac6a4743a2dd9877c750b73342b44037ddacd4265107
git-all-2.18.4-3.el8_1.noarch.rpm
SHA-256: 2788ee8cdc5976e7aeb963c43c932664cf7c510b4c35f2b1ee64b7d800b29190
git-core-2.18.4-3.el8_1.x86_64.rpm
SHA-256: e238d8609c42fb0dd58f965ec36f1b0877686b9f687b6e4c6d3bd2e95f2eeb77
git-core-debuginfo-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 2a4132b7a538db8324f2348fdc232e4ea81690b583b2b82e74358f3919a567f6
git-core-doc-2.18.4-3.el8_1.noarch.rpm
SHA-256: 13692503fac2a720b9622fe89ffe9978977b6bfacd51fffc39c96e429942e210
git-daemon-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 60f722c0f2437e0af3fcb39ec544c9c4c9492d9bde2ecaed5e76bd4147ce5583
git-daemon-debuginfo-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 85b96cda6973af4f06bead9e14da32eb16b2dda7748110da47deb43f745b90dc
git-debuginfo-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 02002f65c5f7d064ea8d9c293e7b99e3bdd952e6e725fc692fc74a06ef30b980
git-debugsource-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 277d5178673d49675b435faad7748fe8540d74c01bb7889155ac5003891aaaaf
git-email-2.18.4-3.el8_1.noarch.rpm
SHA-256: 98ce45e5d91163f4d5adc961d7d303a50fccf05a0251b8f607d1210848fe2735
git-gui-2.18.4-3.el8_1.noarch.rpm
SHA-256: da44559ff81533cd675d481ad8da52fc7c74a8c2c1fb7e8c4c298373d96a8d52
git-instaweb-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 2e6bbe2f1ba2e119f38c777f52dc086a09aa3969f5a785b602e3b3419ed708a0
git-subtree-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 61c2ba4bd6bea7a5f10c34741b326fb8e9b11f5d57902e1b54eb440acff91a01
git-svn-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 7b40fafae6029a37adb9b0d80e4e500b875a1bade73f2354010ac273b5730301
git-svn-debuginfo-2.18.4-3.el8_1.x86_64.rpm
SHA-256: 1eb93aeddc92d9ba61ff1432362d3c32f9469d055bc80cea2817f6026cd053de
gitk-2.18.4-3.el8_1.noarch.rpm
SHA-256: 8a0f122661f6b292784619b420a037b89545bc3d51c0a5608921ea86f9109dcc
gitweb-2.18.4-3.el8_1.noarch.rpm
SHA-256: b99fbecce82099126c39006228b5ad715c4cfa9e5868cd68ed4dbda76d418ac6
perl-Git-2.18.4-3.el8_1.noarch.rpm
SHA-256: d3723cac79298cb401ce3e6c23a3b57dae25797161efc2ede0a5fed6b5e76276
perl-Git-SVN-2.18.4-3.el8_1.noarch.rpm
SHA-256: c748f7b40106abb3f8db126c948fb5527a99b80c2e5a2d35dd10cd65789bd7d0
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Gentoo Linux Security Advisory 202312-15 - Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution. Versions greater than or equal to 2.39.3 are affected.
Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews. This time there […]
Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.
The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...
Red Hat Security Advisory 2023-3410-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.20.
Red Hat Security Advisory 2023-3363-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-3309-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.42. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-3356-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
An update for git is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25652: A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch. * CVE-2023-25815: A vulnerability was found in Git. This ...
Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-17419: The Miek Gieben DNS library is vulnerable to a denial of service caused by a segmentation violation in setTA in scan_rr.go. By persuading a victim to open a specially-crafted file, a ...
Red Hat Security Advisory 2023-3297-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
Red Hat Advanced Cluster Management for Kubernetes 2.7.4 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbo...
Red Hat Security Advisory 2023-3280-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
An update for rh-git227-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25652: A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch. * CVE-2023-25815: A vulnerability was found in Git. This security flaw ...
Red Hat Security Advisory 2023-3245-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3247-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3246-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3243-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3248-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
An update for git is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25652: A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch. * CVE-2023-25815: A vulnerability was found in Git. This ...
An update for git is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25652: A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch. * CVE-2023-25815: A vulnerability was found in Git. This ...
An update for git is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25652: A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunk(s) from the given patch. * CVE-2023-25815: A vulnerability was found in Git. This ...
Ubuntu Security Notice 6050-2 - USN-6050-1 fixed several vulnerabilities in Git. This update provides the corresponding updates for CVE-2023-25652 and CVE-2023-29007 on Ubuntu 16.04 LTS. It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite paths.
Ubuntu Security Notice 6050-1 - It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. Andre Baptista and Vitor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection.
Ubuntu Security Notice 6050-1 - It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. Andre Baptista and Vitor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection.
Ubuntu Security Notice 6050-1 - It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. Andre Baptista and Vitor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection.
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`.
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It do...
In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It do...
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It do...