git-1.8.3.1-20.el7
エラータID: AXSA:2019-3447:01
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Security Fix(es):
* git: arbitrary code execution via .gitmodules (CVE-2018-17456)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2018-17456
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
Update packages.
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
N/A
SRPMS
- git-1.8.3.1-20.el7.src.rpm
MD5: c51328ef2109de30be29e71e425db211
SHA-256: 30941c20e44cccf725a0db42c209cede1dfb165d6d2489433abe1e83b17e9667
Size: 4.37 MB
Asianux Server 7 for x86_64
- git-1.8.3.1-20.el7.x86_64.rpm
MD5: 6eff1f28bcaf48bd52bd26e9d0563a23
SHA-256: ca42fd472a502634814b18cafdba8c6012a4aa57434a3d32e18e46140a53d957
Size: 4.39 MB - perl-Git-1.8.3.1-20.el7.noarch.rpm
MD5: f3f227d5b6d705462992aa3532b88e88
SHA-256: fc3f96629c93eb68afc7cfee6d1689ca8231683a2973ad5a2d78aede8dfabda7
Size: 54.45 kB
日本語