UbuntuUpdates.org

Package "git"

Name: git

Description:

This package is just an umbrella for a group of other packages; it has no description of its own.
Description samples from packages in group:

  • fast, scalable, distributed revision control system (all subpackages)
  • fast, scalable, distributed revision control system (cvs interoperability)
  • fast, scalable, distributed revision control system (git-daemon service)
  • fast, scalable, distributed revision control system (git-daemon service)

Latest version: 1:2.45.2-1ubuntu1.2
Release: oracular (24.10)
Level: updates
Repository: universe

Other versions of "git" in Oracular

Repository  Area      Version
base        universe  1:2.45.2-1ubuntu1
base        main      1:2.45.2-1ubuntu1
security    main      1:2.45.2-1ubuntu1.2
security    universe  1:2.45.2-1ubuntu1.2
updates     main      1:2.45.2-1ubuntu1.2

Changelog

Version: 1:2.45.2-1ubuntu1.2 2025-07-08 23:18:59 UTC

  git (1:2.45.2-1ubuntu1.2) oracular-security; urgency=medium

  * SECURITY UPDATE: Code execution and file manipulation when cloning
    malicious repositories.
    - debian/patches/CVE-2025-27613.patch: Add argument sanitizing and replace
      command instances with safe versions in gitk-git/gitk.
    - debian/patches/CVE-2025-27614.patch: Remove escape_filter_paths and wrap
      concat instances with list in gitk-git/gitk.
    - CVE-2025-27613
    - CVE-2025-27614
  * SECURITY UPDATE: File overwrite when editing a file in a malicious
    directory in an untrusted repository.
    - debian/patches/CVE-2025-46835-pre1.patch: Remove windows specific code
      in git-gui/git-gui.sh.
    - debian/patches/CVE-2025-46835.patch: Add argument sanitizing, replace
      command instances with safe versions, and wrap instances with list in
      git-gui/git-gui.sh and other files in git-gui directory.
    - CVE-2025-46835
  * SECURITY UPDATE: Unintentional script execution due to improperly stripped
    carriage return.
    - debian/patches/CVE-2025-48384.patch: Add carriage return checks in
      config.c.
    - CVE-2025-48384
  * SECURITY UPDATE: Protocol injection potentially leading to arbitrary code
    execution.
    - debian/patches/CVE-2025-48385.patch: Add URI and filename checks in
      bundle-uri.c.
    - CVE-2025-48385
  * SECURITY UPDATE: Buffer overflow.
    - debian/patches/CVE-2025-48386.patch: Add target_append function and
      change wcsncat calls to target_append in
      contrib/credential/wincred/git-credential-wincred.c.
    - CVE-2025-48386

 -- Hlib Korzhynskyy <email address hidden> Thu, 03 Jul 2025 15:58:19 -0230

CVE-2025-48384 Git is a fast, scalable, distributed revision control system with an u ...
CVE-2025-48385 Git is a fast, scalable, distributed revision control system with an u ...
CVE-2025-48386 Git is a fast, scalable, distributed revision control system with an u ...

Version: 1:2.45.2-1ubuntu1.1 2025-01-15 00:06:58 UTC

  git (1:2.45.2-1ubuntu1.1) oracular-security; urgency=medium

  * SECURITY UPDATE: crafted URL susceptibility
    - debian/patches/CVE-2024-50349-1.patch: sanitize credentials
      in credential.c, strbuf.c, strbuf.h,
      t/t0300-credentials.sh.
    - debian/patches/CVE-2024-50349-2.patch: credential sanitize
      the user prompt in credential.c, credential.h,
      t/t0300-credentials.sh, t/t5541-http-push-smart.sh,
      t/t5550-http-fetch-dumb.sh, t/t5551-http-fetch-smart.sh.
    - CVE-2024-50349
  * SECURITY UPDATE: Git may pass on Carriage Returns
    - debian/patches/CVE-2024-52006.patch: disallow carriage
      returns in the protocol by default in credential.c,
      credential.h, t/t0300-credentials.sh.
    - CVE-2024-52006

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 13 Jan 2025 16:42:59 -0300

CVE-2024-50349 Git is a fast, scalable, distributed revision control system with an u ...
CVE-2024-52006 Git is a fast, scalable, distributed revision control system with an u ...


