Errata ID: AXSA:2023-4991:01

Release date: 
Tuesday, February 7, 2023 - 10:13
Affected Channels: 
Asianux Server 8 for x86_64

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

Security Fix(es):

* git: gitattributes parsing integer overflow (CVE-2022-23521)
* git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-23521: Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequently, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.

CVE-2022-41903: Git is a distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is an integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through `git archive` via the `export-subst` mechanism, which expands format specifiers inside of files within the repository during a `git archive`. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose `git archive` via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.


Update packages. The fix is carried as a backport in the git-2.31.1-3.el8 build listed below, so `git --version` continues to report 2.31.1 on a patched host; confirm the package release (3.el8 or later) with `rpm -q`, not the upstream version string.
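As an added example, not part of this advisory and not Asianux or Git project code, the following POSIX shell script performs the checks a practitioner wants after reading the two CVE descriptions and the remediation line: whether each installed git subpackage is at or above the 2.31.1-3.el8 build, whether a downloaded RPM matches a SHA-256 from the package list, whether the `daemon.uploadArch` workaround is set, and whether a repository's `.gitattributes` carries an active `export-subst` attribute (the route by which `git archive` reaches the formatter described for CVE-2022-41903). The function names, the `--check-host` flag, and the assumption that release numbers are integers followed by `.el8` and versions are dotted numerics are the example's own.

```shell
#!/bin/sh
# Added example for advisory AXSA:2023-4991:01; not Asianux or Git code.
# Assumptions: rpm and sha256sum are available, git versions are dotted
# numeric strings, and RPM releases look like "<integer>.el8".

FIXED_VERSION="2.31.1"   # version of the fixed build named in the advisory
FIXED_RELEASE="3"        # numeric part of the "3.el8" release

# Compare two dotted numeric version strings; print -1, 0 or 1.
vercmp() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    ah=${a%%.*}; bh=${b%%.*}
    if [ "$ah" = "$a" ]; then a=; else a=${a#*.}; fi
    if [ "$bh" = "$b" ]; then b=; else b=${b#*.}; fi
    ah=${ah:-0}; bh=${bh:-0}
    if [ "$ah" -lt "$bh" ]; then printf '%s\n' -1; return 0; fi
    if [ "$ah" -gt "$bh" ]; then printf '%s\n' 1; return 0; fi
  done
  printf '%s\n' 0
}

# Succeed if an RPM NVR(A) such as "git-core-2.31.1-2.el8.x86_64" is at or
# above the fixed build. A newer upstream version always counts as fixed.
git_pkg_is_fixed() {
  nvr=${1%.x86_64}; nvr=${nvr%.noarch}
  rel=${nvr##*-}; rel=${rel%%.el*}      # "3.el8"           -> "3"
  ver=${nvr%-*};  ver=${ver##*-}        # "git-core-2.31.1" -> "2.31.1"
  case $(vercmp "$ver" "$FIXED_VERSION") in
    1)  return 0 ;;
    -1) return 1 ;;
  esac
  [ "$(vercmp "$rel" "$FIXED_RELEASE")" -ge 0 ]
}

# Check the installed subpackages named in the advisory (only those present).
installed_git_fixed() {
  rpm -qa git git-all git-core git-core-doc git-credential-libsecret \
          git-daemon git-email git-gui git-instaweb git-subtree git-svn \
          gitk gitweb perl-Git perl-Git-SVN |
  while read -r p; do
    if git_pkg_is_fixed "$p"; then echo "OK   $p"; else echo "OLD  $p"; exit 1; fi
  done
}

# Verify a downloaded RPM against the SHA-256 printed in the package list.
rpm_sha256_ok() {  # $1 = file, $2 = expected hex digest
  [ "$(sha256sum "$1" | cut -d' ' -f1)" = "$2" ]
}

# The workaround requires an explicit false; any other value, including an
# unset key (passed as ""), is reported as "not applied".
upload_arch_workaround_applied() {  # $1 = value of daemon.uploadArch
  case $(printf '%s' "$1" | tr 'A-Z' 'a-z') in
    false|no|off|0) return 0 ;;
    *) return 1 ;;
  esac
}

# Print the pattern lines of a .gitattributes file that set export-subst
# (ignoring comments and the negated forms -export-subst / !export-subst);
# succeed if any were found.
has_export_subst() {  # $1 = path to a .gitattributes file
  grep -E '^[^#].*[[:space:]]export-subst([[:space:]]|$)' "$1"
}

if [ "${1:-}" = "--check-host" ]; then
  installed_git_fixed
  if upload_arch_workaround_applied "$(git config --global --get daemon.uploadArch)"; then
    echo "daemon.uploadArch=false is set globally"
  else
    echo "daemon.uploadArch workaround is not set globally"
  fi
fi
```

Two caveats on interpreting the results. The global `daemon.uploadArch` setting is only a fallback: a repository's own config can set the key back to true, so for each repository served by `git daemon` also run `git config --show-origin --get-all daemon.uploadArch` inside it. The attribute scan reads one file; `git archive` takes `.gitattributes` from the tree being archived, so for a bare repository feed it the output of `git show <rev>:.gitattributes` rather than a working-tree copy.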

Additional Info: 

  1. git-2.31.1-3.el8.src.rpm
    MD5: d5b63074a1e5021b86b7417529dbd176
    SHA-256: 11874e452576a9861f1e7f552e96f762dca0481c96caae49ef14d18739bcefd3
    Size: 6.21 MB

Asianux Server 8 for x86_64
  1. git-2.31.1-3.el8.x86_64.rpm
    MD5: 5fcfbc59f19a2757dc9417d51bf533b1
    SHA-256: 662a771251a295e5661016223ae6325dd4782af16dd77bb44e2a4d4b75e807c9
    Size: 160.49 kB
  2. git-all-2.31.1-3.el8.noarch.rpm
    MD5: 635498a747d9ab73f93998df1a18c045
    SHA-256: a6e152b1f26401dca73287c8fa9b3a66c8719017fb807a07f4c0171ff977f75c
    Size: 47.58 kB
  3. git-core-2.31.1-3.el8.x86_64.rpm
    MD5: fda63baee435a33ba4014a6a392026c9
    SHA-256: 884e686efa918c9af24fe45fef43ef96c862d79fbbe1873c5321da89d3f9b7fb
    Size: 4.75 MB
  4. git-core-doc-2.31.1-3.el8.noarch.rpm
    MD5: 226bd2ff30d2854d1a29e2b9c03af5de
    SHA-256: dadd91a52a8d46eca86150250293e0cf73746c37a71b77fab390040934820c6f
    Size: 2.65 MB
  5. git-credential-libsecret-2.31.1-3.el8.x86_64.rpm
    MD5: 262cb71a6dc897cf363e72a2e4b0a4cd
    SHA-256: b07f94c39bcca0e504a70b4011926161e784dc04c3a19a4a215404c6f0d0eac1
    Size: 54.11 kB
  6. git-daemon-2.31.1-3.el8.x86_64.rpm
    MD5: 77406b034f98810a96545da792d2a9a2
    SHA-256: 1c2e8b8f131bfc9eed1a2acb63e37cb67c26cd8960430bc9fa27d8cccb46c596
    Size: 862.77 kB
  7. git-email-2.31.1-3.el8.noarch.rpm
    MD5: 9a378057dbf8f778da2a635761366889
    SHA-256: 61bff82aa98be65c0b238d813f375966d48800c985875a731c142dae1fab5845
    Size: 89.00 kB
  8. git-gui-2.31.1-3.el8.noarch.rpm
    MD5: 2186451aad0262972998971996ae8677
    SHA-256: 7334ea44c8e610cd39271afe260de4ab51224f11fd86d296df5a3952daaaafb6
    Size: 305.72 kB
  9. git-instaweb-2.31.1-3.el8.noarch.rpm
    MD5: 95e09858fd917adf14d4748040cc1e3d
    SHA-256: f41f07899d6f1768e8d673180288334268f39d53c57472bf0aaa3c7be015e2f9
    Size: 62.62 kB
  10. git-subtree-2.31.1-3.el8.x86_64.rpm
    MD5: bf987d42893a8ad34e2d54bce8eaf2f0
    SHA-256: 74d8d377689cccb6a2309fe744e15d4216495baf716a6484a5f44f428d622329
    Size: 69.71 kB
  11. git-svn-2.31.1-3.el8.noarch.rpm
    MD5: 3b84898d6c3c0fb8a8eb4ae8e4cdd932
    SHA-256: 191f807708b3c32a4850d1c3c473a4dbd983f4d83d5bf14d26c9d08334f15aea
    Size: 110.08 kB
  12. gitk-2.31.1-3.el8.noarch.rpm
    MD5: 034c5cb8458b836d95ab5c42fc893080
    SHA-256: 37f042815f1d9a62c976d3fd12b493337c8316fbe3eb3725264afef45d70d069
    Size: 208.15 kB
  13. gitweb-2.31.1-3.el8.noarch.rpm
    MD5: c2f0be5f1124ab22fdb577f11ed13db1
    SHA-256: c25b9dc3d0800a2cf1688a17e9fe57e4579bbf3ddab7ff02cc5ffaf736e7d2ba
    Size: 188.71 kB
  14. perl-Git-2.31.1-3.el8.noarch.rpm
    MD5: 8d815ba68e79c34c2fe3f7cd5aacc0da
    SHA-256: 8e901f6613f810c1681f6a60b1b159ff44a251e642913e1028765750dd49157f
    Size: 77.14 kB
  15. perl-Git-SVN-2.31.1-3.el8.noarch.rpm
    MD5: da2f8156ebfd391c98d7f2288ce66ded
    SHA-256: dff3f583cf46ec630e014466abc42d72fd1c2acf1d3e840aec6623cf81871e53
    Size: 93.99 kB