[CLSA-2025:1754648405] Fix CVE(s): CVE-2025-27613, CVE-2025-27614, CVE-2025-46835
Type:
security
Severity:
Moderate
Release date:
2025-08-08 10:20:09 UTC
Description:
* SECURITY UPDATE: potential file creation/truncation when cloning untrusted repository in gitk - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: improve dark mode support, remove hard-coded colors in ttext calls and use colors from the theme for text widgets via Text.Background and Text.Foreground - CVE-2025-27613 * SECURITY UPDATE: security vulnerability allowing arbitrary script execution - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: Fix hard-coded colors in ttext widgets to use theme colors - CVE-2025-27614 * SECURITY UPDATE: security issue with untrusted repository cloning and file editing - debian/patches/CVE-2025-27613_CVE-2025-27614_CVE-2025-46835.patch: validate directory names to prevent file overwrite attacks - CVE-2025-46835
Updated packages:
  • git_2.7.4-0ubuntu1.10+tuxcare.els9_amd64.deb
    sha:7fc151b69e3933252dab8da37d505e6334cefe5a
  • git-all_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:109a03cea13d7a5871ceccbb9229ae322eec6190
  • git-arch_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:55252a87ad6c4fde18298e44e38cb872d439d940
  • git-core_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:67fddeb983407c8716d994de52a8322a662efe5f
  • git-cvs_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:a7f566c5ce6006eea0e8a4953c389f04f5903925
  • git-daemon-run_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:94935ac6b4867643c4f438d62ec1d32fa9d6a928
  • git-daemon-sysvinit_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:3a7605f28c94e8aacdf195e8e06b26c07e23c234
  • git-doc_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:e1e6f63311854e9fe3e30ad63ce92871fed69b6c
  • git-el_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:b6d5fbfe76ae87879adfb6dc67580cd6456093ee
  • git-email_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:cce1b00e6deb8a8bb3b4dfa42944c2c431ee9bce
  • git-gui_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:4c338e4730294c45a0e09424011bb028e923f345
  • git-man_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:e927311c25fe0f6f0fee2f863b71d18ad1d861de
  • git-mediawiki_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:54b5753935254e6317420cc07799afaae438a9f2
  • git-svn_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:0473bcba5ebcb2837febe58df8bab4aeb30de807
  • gitk_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:0ea60588a81e58f7e2cdbb831fda9dfdbf89d736
  • gitweb_2.7.4-0ubuntu1.10+tuxcare.els9_all.deb
    sha:88262db8c7f990f4c3889fbb4c9e6a3a5ab8a2f9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.