[ALSA-2024:4083] Important: git security update
Type:
security
Severity:
important
Release date:
2024-06-25
Description:
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Security Fix(es): * git: Recursive clones RCE (CVE-2024-32002) * git: RCE while cloning local repos (CVE-2024-32004) * git: additional local RCE (CVE-2024-32465) * git: insecure hardlinks (CVE-2024-32020) * git: symlink bypass (CVE-2024-32021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 git-core-2.43.5-1.el9_4.aarch64.rpm 09874b9e98ceb3e75bb32f0c286fa468077dfe2858c3b54a673fb58afc188aad
aarch64 git-subtree-2.43.5-1.el9_4.aarch64.rpm 41bb97a94cdbce20637829748cd0a012560bb2c80db0988c90ccb10c68985864
aarch64 git-daemon-2.43.5-1.el9_4.aarch64.rpm 773c764934815eab4fc8de50ab3074cc32232de2dc35c1d2167c9d2259f01324
aarch64 git-2.43.5-1.el9_4.aarch64.rpm 7f7f988aed9f8cee060b2bcd3915938ac982ce71a1cd45d6851b7180e09b3efc
aarch64 git-credential-libsecret-2.43.5-1.el9_4.aarch64.rpm b12ec4266ce70ff14bf90381e10dde7470915f8f72eb1dbc5005d225a1b59c25
noarch perl-Git-2.43.5-1.el9_4.noarch.rpm 1040a006be76c4ab6fd587de6b2fa2e1057bd491b4f06108f566b973f7ff606a
noarch git-instaweb-2.43.5-1.el9_4.noarch.rpm 1f9e2bb9dc7ce2e5c6cb9fd782c5ba444ca18027e0797dcd0dcc16ec6a45b7a0
noarch git-email-2.43.5-1.el9_4.noarch.rpm 32d0050fb7bc85092b757aaa20509941905d6b5ec6ef2f2a03a3637ef6395cce
noarch git-svn-2.43.5-1.el9_4.noarch.rpm 3c041a3de73ac67dd10243e216a44ae32a67422bf16ecf9e868cd559e1edaeac
noarch git-core-doc-2.43.5-1.el9_4.noarch.rpm 6b0bc3f5051fd024621c98f25ea0044cea0719dac8157201a77f3428ce1fe3f3
noarch perl-Git-SVN-2.43.5-1.el9_4.noarch.rpm 6d13b9cadb4d3d0487071cca7ab6c7b21fb70d7f8fd059e85c90e906997eaa67
noarch gitweb-2.43.5-1.el9_4.noarch.rpm 834cee01896b8d3c1ea3c6351f7f03f353216f4f065ba1c49a2b3751ee3ceab4
noarch git-gui-2.43.5-1.el9_4.noarch.rpm a62589f893188de99786f204c82ed8ad898034c02c545ce9ce3859676b33de8c
noarch git-all-2.43.5-1.el9_4.noarch.rpm cb02f0771e12424bdffaa9757eaf1efe1d904baef497b67a9975795806ada690
noarch gitk-2.43.5-1.el9_4.noarch.rpm d072cfefaf0501cf3ef324a529aa0775bafe170547712c65b752d8b83b6d88ed
ppc64le git-2.43.5-1.el9_4.ppc64le.rpm 014fa57748f18466572aa846b92271f0c4d9c1e73f4f91d4a324fa7d9623f6f2
ppc64le git-credential-libsecret-2.43.5-1.el9_4.ppc64le.rpm 4040ad0b7a74d9c0dd399ba604e1e040cc78c7929dce6c2d30cf932cdd1024bf
ppc64le git-subtree-2.43.5-1.el9_4.ppc64le.rpm 5c2a1ad5bf69cbe9fd6030b12ccfcdc2cfe3fe077cb49b64333c4d005bb48d4d
ppc64le git-core-2.43.5-1.el9_4.ppc64le.rpm 85c0d3f4bcd1edc6ea01dbb33f3afd0834e9a171f5b688ddf1cfe5fe622aa39d
ppc64le git-daemon-2.43.5-1.el9_4.ppc64le.rpm 9df957bade8c39c39f9a8c31a0b4888ba46946a864aa3c3bf4bf7445134611bb
s390x git-credential-libsecret-2.43.5-1.el9_4.s390x.rpm 2b889a7e7a95dd32b3f418bb622907da94a9166461b9be18bf5fdeb39736bc61
s390x git-core-2.43.5-1.el9_4.s390x.rpm 50da31825057a077d41a379dfd208e23b2f12472e4c5c35536ec2d070657d77d
s390x git-subtree-2.43.5-1.el9_4.s390x.rpm 8e655c49dfe96df2e41e3d77c06899b4e4e11f7421b99db337d85676c1b87d12
s390x git-2.43.5-1.el9_4.s390x.rpm c96a3214372ac7ac3632ca03ffc7c2d8812a9dcffc2f907c642f796ae6e17d7a
s390x git-daemon-2.43.5-1.el9_4.s390x.rpm f2036a6dc1bf82bb8b348050ff4145fcecc9e5c6500d9895639bcf635ae02c5b
x86_64 git-subtree-2.43.5-1.el9_4.x86_64.rpm 2864157044c760f0779b2fbe72494fc90d0f2090490650aa26d5b374e5eb18bc
x86_64 git-daemon-2.43.5-1.el9_4.x86_64.rpm 306ec7de34558f01dab0e4d066b1d1c2356d03834434ae09e94f65257825884c
x86_64 git-credential-libsecret-2.43.5-1.el9_4.x86_64.rpm 4b15fc53ddc3766250634c9b2e3ad97424f2552b6d664d90c6ddef7a23e6944c
x86_64 git-core-2.43.5-1.el9_4.x86_64.rpm 8b77fe1edac41c36d4eeb787be11f5ed763f036a46cb0d58053321458f908647
x86_64 git-2.43.5-1.el9_4.x86_64.rpm eb8643e9968fdf3b12b544356c3fe63908801c44bde6ad0995bb12a5872216cb
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.