git-1.8.3.1-25.0.5.el7.AXS7
エラータID: AXSA:2025-10788:12
リリース日:
2025/09/01 Monday - 10:10
題名:
git-1.8.3.1-25.0.5.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- git には、リモートの攻撃者により、不正なファイル作成、切り捨て
を可能とする脆弱性が存在します。(CVE-2025-27613)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- git-1.8.3.1-25.0.5.el7.AXS7.x86_64.rpm
MD5: 88cad8ffcad53068347f88a49b83ad0e
SHA-256: ea4c9c9784590e7dac60f77ced2b4d9af0c724aed299f61a62bf3240729262f1
Size: 4.41 MB - perl-Git-1.8.3.1-25.0.5.el7.AXS7.noarch.rpm
MD5: cf00a738247f89abb94310fe6d5b4ed5
SHA-256: 49ffc8fc746c0d2ad032d41f6b97bfc76c3806b1b110545ff3dadeda83163c8f
Size: 56.17 kB
English