Ubuntu Security Notice 5810-4 - USN-5810-1 fixed several vulnerabilities in Git. This update provides the corresponding update for Ubuntu 14.04 ESM. Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
b7a001a11349d2b730cffb3f46ef81dd964ff8de4579c792ea639ca4409331c5=========================================================================
Ubuntu Security Notice USN-5810-4
March 01, 2023
git vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in Git.
Software Description:
- git: fast, scalable, distributed revision control system
Details:
USN-5810-1 fixed several vulnerabilities in Git. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain
gitattributes. An attacker could possibly use this issue to cause a crash
or execute arbitrary code. (CVE-2022-23521)
Joern Schneeweisz discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-41903)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
git 1:1.9.1-1ubuntu0.10+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5810-4
https://ubuntu.com/security/notices/USN-5810-1
CVE-2022-23521, CVE-2022-41903
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed