Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Ubuntu 22.04 LTS USN-5376-3: Git Regression Critical Fix

Calendar Apr 26, 2022 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical remote update instructions arbitrary commands ubuntu regression fix git
UNS-5376-1 was missing patches to properly fix the addressed issues. 
=========================================================================Ubuntu Security Notice USN-5376-3
April 26, 2022

git regression
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

UNS-5376-1 was missing patches to properly fix the addressed issues.

Software Description:
- git: fast, scalable, distributed revision control system

Details:

USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix
the issue. This update fixes the problem.

Original advisory details:

 俞晨东 discovered that Git incorrectly handled certain repository paths
 in platforms with multiple users support. An attacker could possibly use
 this issue to run arbitrary commands.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  git                             1:2.34.1-1ubuntu1.2

Ubuntu 21.10:
  git                             1:2.32.0-1ubuntu1.2

Ubuntu 20.04 LTS:
  git                             1:2.25.1-1ubuntu3.4

Ubuntu 18.04 LTS:
  git                             1:2.17.1-1ubuntu0.11

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5376-3
  https://ubuntu.com/security/notices/USN-5376-1
  https://bugs.launchpad.net/ubuntu/+source/git/+bug/1970260

Package Information:
  https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.2
  https://launchpad.net/ubuntu/+source/git/1:2.32.0-1ubuntu1.2
  https://launchpad.net/ubuntu/+source/git/1:2.25.1-1ubuntu3.4
  https://launchpad.net/ubuntu/+source/git/1:2.17.1-1ubuntu0.11

Ubuntu 22.04 LTS USN-5376-3: Git Regression Critical Fix

ubuntu
Calendar Grey April 26, 2022
Dist Ubuntu Esm H88
Follow these steps on Ubuntu to fix absent Git patches regarding security issues identified as of April 26, 2022, for enhanced security and compliance
UNS-5376-1 was missing patches to properly fix the addressed issues.

Summary

Topics%20covered

Topics Covered

security advisory critical remote update instructions arbitrary commands ubuntu regression fix git

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: git 1:2.34.1-1ubuntu1.2 Ubuntu 21.10: git 1:2.32.0-1ubuntu1.2 Ubuntu 20.04 LTS: git 1:2.25.1-1ubuntu3.4 Ubuntu 18.04 LTS: git 1:2.17.1-1ubuntu0.11 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5376-3

https://ubuntu.com/security/notices/USN-5376-1

https://bugs.launchpad.net/ubuntu/+source/git/+bug/1970260

Severity
critical
Lowest
Low
Medium
High
Critical

April 26, 2022

Topics%20covered

Topics Covered

security advisory critical remote update instructions arbitrary commands ubuntu regression fix git

Package Information

https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.2 https://launchpad.net/ubuntu/+source/git/1:2.32.0-1ubuntu1.2 https://launchpad.net/ubuntu/+source/git/1:2.25.1-1ubuntu3.4 https://launchpad.net/ubuntu/+source/git/1:2.17.1-1ubuntu0.11

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here