USN-6050-1: Git vulnerabilities
1 May 2023
Several security issues were fixed in Git.
Releases
Packages
- git - fast, scalable, distributed revision control system
Details
It was discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to overwriting some paths.
(CVE-2023-25652)
Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly
handled some gettext machinery. An attacker could possibly use this issue
to allows the malicious placement of crafted messages. (CVE-2023-25815)
André Baptista and Vítor Pinho discovered that Git incorrectly handled
certain configurations. An attacker could possibly use this issue
to arbitrary configuration injection. (CVE-2023-29007)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04
Ubuntu 22.10
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.