git-2.43.5-3.el8_10

エラータID: AXSA:2025-9978:03

リリース日: 
2025/06/04 Wednesday - 16:20
題名: 
git-2.43.5-3.el8_10
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- Git には、サイドバンドチャンネルを用いてサーバーからクライアント
の標準エラー出力に対しサニタイズされていない出力を許容してしまう
問題があるため、リモートの攻撃者により、細工された応答を介して、
任意の端末制御文字の実行を可能とする脆弱性が存在します。
(CVE-2024-52005)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2024-52005
Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. git-2.43.5-3.el8_10.src.rpm
    MD5: 0787597016efe86b127cf872dc5c0c24
    SHA-256: e75e6938487ae52642eccc0d3467e8a0b4d145e43558100637b0e4abfe95bec7
    Size: 7.15 MB

Asianux Server 8 for x86_64
  1. git-2.43.5-3.el8_10.x86_64.rpm
    MD5: 4bba5cd4f5a2b70e643c8624b6e06f93
    SHA-256: eb84f4dfdd2c6d6412d4e4db54f09b4cb383b01169fa1f3a6a598d4b51d0a881
    Size: 91.43 kB
  2. git-all-2.43.5-3.el8_10.noarch.rpm
    MD5: 095b619f37f93be4de99d7fc592a424f
    SHA-256: 72bc1996e745d07820203eb96e13e47448202b32d5bc3735138cb687fb46b1c6
    Size: 48.25 kB
  3. git-core-2.43.5-3.el8_10.x86_64.rpm
    MD5: e13522d3a4e4d676dadbfe8154ea344a
    SHA-256: 40a355b0c029f87c16f538be34fecbdfaba08048fbb7815e945dfb41bc29b2d9
    Size: 11.09 MB
  4. git-core-doc-2.43.5-3.el8_10.noarch.rpm
    MD5: 4da5b92ee0dd8c4e184c291f79387a6f
    SHA-256: 3998463ebce04d79d8239573dbd9cff4b3c9260b597986912db545a731f48e7c
    Size: 3.06 MB
  5. git-credential-libsecret-2.43.5-3.el8_10.x86_64.rpm
    MD5: 280866554711a7321b929f0f5a68cc8e
    SHA-256: 7e989b01449fd12536694d7f01aaa41908f66c6e6fda2ed40776fd89561b5470
    Size: 55.29 kB
  6. git-daemon-2.43.5-3.el8_10.x86_64.rpm
    MD5: 7da2baab0110f932534869a211a5a8d9
    SHA-256: c2f7d8f1022621d2b4ebbc2f419ef0fe80798e901ef3b8961df80deead0fcac6
    Size: 1.05 MB
  7. git-email-2.43.5-3.el8_10.noarch.rpm
    MD5: 61cda590361f61a190b0c2eb1ea4d39e
    SHA-256: ff25c63bbc77d6e4a0aec2b7c84fe9731ff20a2e4645496f6298638d3737dd00
    Size: 93.39 kB
  8. git-gui-2.43.5-3.el8_10.noarch.rpm
    MD5: ef40933e9c1c4847727089a3f52c3d4c
    SHA-256: c065ab2bf64a98d9a3029cd5cb68798623fc736395592b15892cf143b9aa0cf6
    Size: 305.92 kB
  9. git-instaweb-2.43.5-3.el8_10.noarch.rpm
    MD5: 79ab8a5c75e9a58d6e1147acd704bfaa
    SHA-256: 20386e98b75c4491dc591d808be9094f0d2a942570cfd38ff16569a3a56a6038
    Size: 63.15 kB
  10. gitk-2.43.5-3.el8_10.noarch.rpm
    MD5: 382446d2e47d09be1fa43dc2d2b59f73
    SHA-256: 8ea2534178dd973c4954c94811d4d83cc10cf69da15ddb540cecc10e84b6fde5
    Size: 208.97 kB
  11. git-subtree-2.43.5-3.el8_10.x86_64.rpm
    MD5: 099599868d98d43b7c18ade95aa81bc3
    SHA-256: 04152f9980bd2dda721692ff164a7b8e15a58ce52e5f44f10003c9a16323ce91
    Size: 72.85 kB
  12. git-svn-2.43.5-3.el8_10.noarch.rpm
    MD5: 4c6dc661a393653a7fda28a287228fe1
    SHA-256: 89fef3cc1ed1e0b7d8dc3cce8e50101b6b0adca0788e4e7cfcbfe8900f323302
    Size: 110.58 kB
  13. gitweb-2.43.5-3.el8_10.noarch.rpm
    MD5: b42ed96872c209a6242011c96dafcf3d
    SHA-256: a2ad35b6126bfbbcf25ead3c8c0919bc263ed50fed5f4da957af98258c9462d6
    Size: 189.96 kB
  14. perl-Git-2.43.5-3.el8_10.noarch.rpm
    MD5: d267f5916c53359936fd3171e410e35c
    SHA-256: 91783570c32e6c2e099c3ead290b867cafbcccd6ded5b67fb48568696101d6a2
    Size: 78.02 kB
  15. perl-Git-SVN-2.43.5-3.el8_10.noarch.rpm
    MD5: 5e2647aa71a0e56ff7e3eb9b2026b870
    SHA-256: 787540d9f3d78e373ac636c247d5771138404d5a08af36677e06b240c33d2522
    Size: 94.74 kB