[ALSA-2024:4084] Important: git security update
Type:
security
Severity:
important
Release date:
2024-06-25
Description:
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * git: Recursive clones RCE (CVE-2024-32002) * git: RCE while cloning local repos (CVE-2024-32004) * git: additional local RCE (CVE-2024-32465) * git: insecure hardlinks (CVE-2024-32020) * git: symlink bypass (CVE-2024-32021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 git-2.43.5-1.el8_10.aarch64.rpm 5fa833b556d110eddfcec3b435f4848fca8321d1823ad9e4f4e6619bca20a9f2
aarch64 git-credential-libsecret-2.43.5-1.el8_10.aarch64.rpm 73c416683f424eadcd9e62c428c83c3431f775899ff74991ba0e56040931d896
aarch64 git-subtree-2.43.5-1.el8_10.aarch64.rpm b4cf072d02a3aed6bd985358dbb9a6ea0e9702d75e382865a821a42cb666b6c0
aarch64 git-daemon-2.43.5-1.el8_10.aarch64.rpm cebad56f91ec1dca82c86ac93adbeaac5c3816ff5e59a773fc5b6d2b589f286e
aarch64 git-core-2.43.5-1.el8_10.aarch64.rpm e9e41a6d8869e41eabf8c15f85efedae6a0a2983b41207fe14fd35ad5414c86e
noarch git-instaweb-2.43.5-1.el8_10.noarch.rpm 0c55b4348e6fef5183d4f41232a04306b52e4a662fea23f8473d89f42ce93992
noarch gitk-2.43.5-1.el8_10.noarch.rpm 153573119c596bf4cb869a04ece33a273f5501e0c679c478ae3d368614d5dc3d
noarch perl-Git-2.43.5-1.el8_10.noarch.rpm 1bbeed83f118bb41825ad949f76535c7e327bee6eafd474f5f16fe3447ae1f9a
noarch gitweb-2.43.5-1.el8_10.noarch.rpm 46aca45c161147dc7c0cbcb246962bb1857dc6589c4df680bfd166f734245ce1
noarch git-gui-2.43.5-1.el8_10.noarch.rpm 6c06f19cdb6fab7903d2e41ed4b1b5277fdaf1a59fc45639e30430ece3a7deb9
noarch perl-Git-SVN-2.43.5-1.el8_10.noarch.rpm b13a0b8c73c6d96e926d5bfc8fe30423b30bd28a8331632f95306444002868a1
noarch git-email-2.43.5-1.el8_10.noarch.rpm d3a7a9b15cc2e060dc2431955ee77b60aa3b808c029fc5869eaafe8a4f68a6b6
noarch git-core-doc-2.43.5-1.el8_10.noarch.rpm da1cbfc97504a229e3e6d5a9961bee396ff4a6a01b415927d76b11d44d8a8949
noarch git-svn-2.43.5-1.el8_10.noarch.rpm db73232276dd4b0a81eb0dd7e6ffb93d33106c2c2705cfad0c575289cae216e7
noarch git-all-2.43.5-1.el8_10.noarch.rpm ea10f0978df14bc8d7fd2215048983bfeb364b35eebd4e772aad5c1184c19633
ppc64le git-core-2.43.5-1.el8_10.ppc64le.rpm 268b621924637ccf120e12c3ffa68bc19baf2d8203c73b6655838d9d5ee7299a
ppc64le git-credential-libsecret-2.43.5-1.el8_10.ppc64le.rpm 57c92831fbc6ea1b93455912052877e4579f8361daf76a49d44f1b8a7bf37ae4
ppc64le git-2.43.5-1.el8_10.ppc64le.rpm 9cd76eb2a69b4c841a737c33be8ede3dee8c83f698a33653ef511db2ab109a43
ppc64le git-daemon-2.43.5-1.el8_10.ppc64le.rpm c2f35c353ec2bbd654e806918edb9460c05ba851ef37c2a9ef07c3f5f43a96e9
ppc64le git-subtree-2.43.5-1.el8_10.ppc64le.rpm e8c1e18eddad61e6bd1b7d0db562bd6e5dbc9ceb2aecc85f726b8ad08cc914a4
s390x git-daemon-2.43.5-1.el8_10.s390x.rpm 0d86df8cbcedd8049452f1b0e323a71ff22aad7174dffbe3a784242db9ae19cb
s390x git-2.43.5-1.el8_10.s390x.rpm 5f2c5034bf11eb6e85293c6285cb4b9ca5bf6dea0cff11053f366afac5bdd9d8
s390x git-subtree-2.43.5-1.el8_10.s390x.rpm 5fa6cf76edd833ac58e08d16453820bf43880de8428a91eb14277b6d9fc4b992
s390x git-credential-libsecret-2.43.5-1.el8_10.s390x.rpm 6272e06ce1527e3fe0eaa219ba3e413c972ba4c55127b04bd95a00ed2933ee45
s390x git-core-2.43.5-1.el8_10.s390x.rpm 9d227f07fb261bb885f63c23050ea23dc1c2c3ad0912d73e6dfcf0937e91ce40
x86_64 git-daemon-2.43.5-1.el8_10.x86_64.rpm 06db67978285fdc83a01f0cb3d01328e93272fed117d3c39c00c676eead27758
x86_64 git-credential-libsecret-2.43.5-1.el8_10.x86_64.rpm 7c03ee44e75d4ca8288c14c3beac826ba163e01da4038dfe0c6e73ed4e861a4f
x86_64 git-core-2.43.5-1.el8_10.x86_64.rpm 891740275d4b64135c2e94104fd7bc66a7910b58821d02beba0d7660be6be19b
x86_64 git-2.43.5-1.el8_10.x86_64.rpm 9ea80989f35befd43a5ede8074d1c51e5dc2adf3c8129d3cdbb798c82dd8eb0e
x86_64 git-subtree-2.43.5-1.el8_10.x86_64.rpm c1473e8713f1ab7d1ecb6da38909c416e1820c183d2d4b87de5f4d7edfbb6c64
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.