git-1.8.3.1-25.0.6.el7.AXS7

エラータID: AXSA:2025-10998:13

Release date: 
Tuesday, October 28, 2025 - 10:16
Subject: 
git-1.8.3.1-25.0.6.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Low
Description: 

Git is a fast, scalable, distributed revision control system with an
unusually rich command set that provides both high-level operations
and full access to internals.

The git rpm installs the core tools with minimal dependencies. To
install all git packages, including tools for integrating with other
SCMs, install the git-all meta-package.

Security Fix(es):

* CVE-2025-46835: prevent malicious creating and overwriting of user's files

CVE(s):
CVE-2025-46835
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

Solution: 

Update packages.

CVEs: 
CVE-2025-46835
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Additional Info: 

N/A

Download: 

Asianux Server 7 for x86_64
  1. git-1.8.3.1-25.0.6.el7.AXS7.x86_64.rpm
    MD5: 047901aaff357687bffa09045f19fa6b
    SHA-256: 2647514546c9e621a3e0a1ef7a443253cba52dd62e87cefa966b9a8e669600b5
    Size: 4.41 MB
  2. perl-Git-1.8.3.1-25.0.6.el7.AXS7.noarch.rpm
    MD5: 9e4ac89f4952629bbb6101d4c296154e
    SHA-256: dd343068f8e3552b7cda34844362fb8eb2675203554263389d485fc15b04ad22
    Size: 56.32 kB