Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 568
Alerts This Week
Warning Icon 1 568

Ubuntu 22.04 LTS USN-5376-3: Git Regression Critical Fix

ubuntu
Calendar Grey April 26, 2022
Dist Ubuntu Esm H88
Follow these steps on Ubuntu to fix absent Git patches regarding security issues identified as of April 26, 2022, for enhanced security and compliance
UNS-5376-1 was missing patches to properly fix the addressed issues.

Summary

UNS-5376-1 was missing patches to properly fix the addressed issues.

Software Description:

- git: fast, scalable, distributed revision control system

Details:

USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix

the issue. This update fixes the problem.

Original advisory details:

俞晨东 discovered that Git incorrectly handled certain repository paths

in platforms with multiple users support. An attacker could possibly use

this issue to run arbitrary commands.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  git                             1:2.34.1-1ubuntu1.2

Ubuntu 21.10:
  git                             1:2.32.0-1ubuntu1.2

Ubuntu 20.04 LTS:
  git                             1:2.25.1-1ubuntu3.4

Ubuntu 18.04 LTS:
  git                             1:2.17.1-1ubuntu0.11

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5376-3

https://ubuntu.com/security/notices/USN-5376-1

https://bugs.launchpad.net/ubuntu/+source/git/+bug/1970260

Severity
critical
Lowest
Low
Medium
High
Critical

April 26, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.