Ubuntu 19.10: USN-4329-1 Critical: Git Sensitive Data Exposure
ubuntu
April 14, 2020
Git could be made to expose sensitive information.
Summary
Git could be made to expose sensitive information.
Software Description:
- git: fast, scalable, distributed revision control system
Details:
Felix Wilhelm discovered that Git incorrectly handled certain URLs that
included newlines. A remote attacker could possibly use this issue to trick
Git into returning credential information for a wrong host.
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: git 1:2.20.1-2ubuntu1.19.10.2 Ubuntu 18.04 LTS: git 1:2.17.1-1ubuntu0.6 Ubuntu 16.04 LTS: git 1:2.7.4-0ubuntu1.8 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-4329-1
CVE-2020-5260
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
April 14, 2020
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!