git-1.8.3.1-25.el7
Errata ID: AXSA:2023-5487:04
Release date:
2023/05/24 Wednesday - 00:21
Title:
git-1.8.3.1-25.el7
Affected channel:
Asianux Server 7 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- Git's git apply --reject command has a vulnerability that allows a remote attacker to overwrite files outside the working tree via a specially crafted patch. (CVE-2023-25652)
- The git_config_copy_or_rename_section_in_file() function in Git's config.c can insert arbitrary settings into the user's $GIT_DIR/config file when removing a section from the config file; this allows a local attacker to execute arbitrary code via a specially crafted .gitmodules file containing a submodule URL longer than 1024 characters. (CVE-2023-29007)
Solution:
Update the package.
CVE:
CVE-2023-25652
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a conflict where a link corresponding to the `*.rej` file exists.
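The inspect-before-apply workaround above, as an added shell pre-flight check (this example is not part of the advisory or of Git; the function names and the sample patch are constructed): it lists the paths a patch targets and refuses to proceed when the matching `<path>.rej` entry in the working tree is already a symbolic link, the condition under which a rejected hunk could be written outside the tree.

```shell
#!/bin/sh
# Added example, not part of the advisory or of Git itself.
# Pre-flight check for the CVE-2023-25652 workaround: before running
# `git apply --reject` on a patch from an untrusted source, list the paths
# the patch touches and refuse if the matching `<path>.rej` entry in the
# working tree is already a symbolic link. Assumes git's default
# "a/" and "b/" path prefixes in the patch headers.

# Print the target path of every "+++ b/<path>" header in the patch file $1.
# Deleted files carry "+++ /dev/null" instead and do not match the pattern.
patch_targets() {
    sed -n 's|^+++ b/||p' "$1"
}

# check_rej_links PATCH [TREE]: exit status 0 when it is safe to proceed,
# 1 (with a message on stderr) as soon as one <path>.rej under TREE is a
# symlink. Regular .rej files are harmless and are left alone.
check_rej_links() {
    tree=${2:-.}
    patch_targets "$1" | while IFS= read -r target; do
        if [ -L "$tree/$target.rej" ]; then
            echo "refusing: $tree/$target.rej is a symbolic link" >&2
            exit 1   # leaves the loop's subshell; the pipeline status becomes 1
        fi
    done
}

# Constructed demonstration: a throwaway tree with a symlinked .rej file
# and a minimal patch that touches that same path.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/src"
    ln -s /tmp/outside "$tmp/src/main.c.rej"   # a dangling link is enough
    cat >"$tmp/sample.patch" <<'EOF'
--- a/src/main.c
+++ b/src/main.c
@@ -1 +1 @@
-old
+new
EOF
    if check_rej_links "$tmp/sample.patch" "$tmp"; then
        echo "ok: git apply --reject may proceed"
    else
        echo "blocked: inspect the working tree before applying"
    fi
    rm -rf "$tmp"
}

demo
```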
CVE-2023-29007
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can be used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to remote code execution. A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`.
Additional information:
N/A
Download:
SRPMS
- git-1.8.3.1-25.el7.src.rpm
MD5: 5017e967b396369f55ab2362036b1af8
SHA-256: 3ae6209a2c6b15e8a6122c865c404eb356355e4175e646311cbbf883b01f247c
Size: 4.40 MB
Asianux Server 7 for x86_64
- git-1.8.3.1-25.el7.x86_64.rpm
MD5: 55936c4a62c3a8abd5ee1a5a78394e91
SHA-256: a5ff359bf4a36130a2d5cd2840747c4fb2787dcad077fcf048c439c89f7f2762
Size: 4.40 MB
- perl-Git-1.8.3.1-25.el7.noarch.rpm
MD5: 117f988d5821f5bf60d6c99a321c5f28
SHA-256: 893a0e88a3b5cf5223d74d22cbdcb6a6cf43f207cf6b8fafd077ae19c887fa49
Size: 55.17 kB