Release date:
2023-02-22 20:11:15 UTC
Description:
* SECURITY UPDATE: out-of-bounds write caused by integer overflow
- debian/patches/CVE-2022-41903.patch: use 'size_t' instead of
'int' to track the string lengths and so allow >2GB input sizes.
- CVE-2022-41903
- t-mark-submodule-clean-test-as-known-failure.patch: mark
submodule clean test as known failure and so pass 'make test'.
* SECURITY UPDATE: possible cross-protocol requests
- debian/patches/CVE-2021-40330.patch: forbid newlines in host
and path.
- CVE-2021-40330
* SECURITY UPDATE: out-of-bounds write and possible RCE caused by
integer overflow
- debian/patches/CVE-2022-39260.patch: reject too long command
line strings in split_cmdline().
- CVE-2022-39260
* SECURITY UPDATE: out-of-bounds write when reading an unreasonably
large .gitattributes file
- debian/patches/CVE-2021-23521.patch: implement line and overall
size checks for .gitattributes files.
- CVE-2021-23521
* SECURITY UPDATE: possible write outside of the repository's
working directory
- debian/patches/CVE-2023-23946.patch: prevent git-apply from
writing behind newly created symbolic links.
- CVE-2023-23946
Updated packages:
-
git_2.7.4-0ubuntu1.10+tuxcare.els1_amd64.deb
sha:485f4aa4db3aedcc6901ae521c7402bbadceb018
-
git-all_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:e10bdf160064e0d67087071e32f35b668846c56b
-
git-arch_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:f977584b18db46dbf75722f71294c40c2e68a1b0
-
git-core_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:7d7d0f2bca387bcd69bd0ecccd610581cd4d97df
-
git-cvs_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:a618bcdd593b81821085703398792c2b462cf411
-
git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:4081aa0f4299d037afd648ab9ccdd0a63a9e0fb1
-
git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:8256722101a606bd3ef2880ea2e65803d38fe9af
-
git-doc_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:0a719133c454b5d4e8ae097f9a8793229d840e46
-
git-el_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:c27efd86c7c5db8f887be46484f8069d0bcec7b1
-
git-email_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:5f078615e5359d62b7a5e3894efe4f13218d4229
-
git-gui_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:1278fddb0135b78af19f240f3e423abaa248ef2b
-
git-man_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:e3e26f83213818445fa0c6e654b82d36e0318276
-
git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:2c3b74cefda16656269a97a60e3c24e5400c2df3
-
git-svn_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:e4c2e8c170b50ce220fd53d36772aad305e233cc
-
gitk_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:0322d1cbe82c9774d61b6cf71291fc06f96a7ff7
-
gitweb_2.7.4-0ubuntu1.10+tuxcare.els1_all.deb
sha:66c441cc9983979cc894256b45b021f867ace896
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.