git-2.31.1-3.el9
エラータID: AXSA:2023-4994:02
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Security Fix(es):
* git: gitattributes parsing integer overflow (CVE-2022-23521)
* git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-23521
Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2022-41903
Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.
Update packages.
Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.
Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.
N/A
SRPMS
- git-2.31.1-3.el9.src.rpm
MD5: 805a6204b296f3b6aa0dfee48fb94fda
SHA-256: d2c3f3b1d2b52bfe8e590481b187b799271a7349aa9879d111c87c05568841fa
Size: 6.17 MB
Asianux Server 9 for x86_64
- git-2.31.1-3.el9.x86_64.rpm
MD5: 6764c97d098b5d6808c4e7bb6b978fa3
SHA-256: afdd0f6fa952e5d99d091d0baed8374f00836f7304086931b7269448b4f03fb3
Size: 115.62 kB - git-all-2.31.1-3.el9.noarch.rpm
MD5: 0d6380ef757effd8fd9506643a4adc8f
SHA-256: ee24d50b7aee46c5bb2b8b58360a9b44aac34d7cb1889efba45f5f5464f6a326
Size: 8.30 kB - git-core-2.31.1-3.el9.x86_64.rpm
MD5: 6de58b9a1d2f428571d369d4714dd103
SHA-256: 06caded6bb1a16e01e814d7351abf814d0e372cf2f91d3c75e89f71fa6237a56
Size: 3.58 MB - git-core-doc-2.31.1-3.el9.noarch.rpm
MD5: b59d0f3e7feb5ccb142e8298bda79aab
SHA-256: f3831b7fadec406498d51df7fc7bd8dd6eb0f605f8633a629ece58c2e3658f58
Size: 2.28 MB - git-credential-libsecret-2.31.1-3.el9.x86_64.rpm
MD5: 3d21b1dc9cade36bcb0a0f644b4631df
SHA-256: 929c3c746f9fba82e187223d508851683921151e521b2ce5648455b79b46daf1
Size: 14.56 kB - git-daemon-2.31.1-3.el9.x86_64.rpm
MD5: 654e49f4afa549cbff78486f0fbead7a
SHA-256: 3eec228f6b228aaec0ae8a857e90fa1f672bcefd1cbff989b296979fd430210d
Size: 261.89 kB - git-email-2.31.1-3.el9.noarch.rpm
MD5: e8e104181f86622795d1c382264d5eba
SHA-256: a7a6f789c4073ce011dd8438e519297823f75f26ff01e2a55044e3cdb84b62ef
Size: 50.47 kB - git-gui-2.31.1-3.el9.noarch.rpm
MD5: 7a6b09f5f4955c4d69e06cb3b224d979
SHA-256: 6171e50f16b53c8dfce0ada115c3ba014ebe3bbe6c89eb2bfe9391cb4d1640c5
Size: 243.26 kB - git-instaweb-2.31.1-3.el9.noarch.rpm
MD5: 141e5866646cfdc57fd0f5b711cf3eb2
SHA-256: 69f83579381d5bf0f19917929bd70e1a1beb736323a004638acb16260bb9d560
Size: 25.81 kB - gitk-2.31.1-3.el9.noarch.rpm
MD5: fb3077bb5511e5b95432a20f49b7ad72
SHA-256: ced4f7eddf0823cea6d49c4b547de1fe7550de358465c82de4782d244041e7c5
Size: 157.45 kB - git-subtree-2.31.1-3.el9.x86_64.rpm
MD5: a202290503d8b0b93c41502a5ad1c7c3
SHA-256: 6575abac0fe1a0fa3337d7a096d8f0a16cb5d58b0762c8184ff1f6c5082f3c3e
Size: 32.37 kB - git-svn-2.31.1-3.el9.noarch.rpm
MD5: 12bcf573e092726666e096251542d8c0
SHA-256: 27b23068a85531ad412d85ba8baccce7ff30bd489d9cc0204b259a88a512cffd
Size: 70.09 kB - gitweb-2.31.1-3.el9.noarch.rpm
MD5: b473cc7308927af9832a019b1def7cce
SHA-256: eef6e3836ab4b5b5d97871fbfd714b1114768d558b9fd50db205b6c93104fac8
Size: 143.26 kB - perl-Git-2.31.1-3.el9.noarch.rpm
MD5: 584791101e3581a55d34d5cac8f56fb2
SHA-256: df16e80803df49337185660b0fc85163a215498150baba28a98872756324b92d
Size: 37.64 kB - perl-Git-SVN-2.31.1-3.el9.noarch.rpm
MD5: 9fb1cade1843fd0c3449bfdbfad6527e
SHA-256: 9ddcead3ab9def2afd93331d806457ad685063b13b08e525ea8eb76fc4604c59
Size: 52.36 kB