Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 556
Alerts This Week
Warning Icon 1 556

Ubuntu 16.04 ESM USN-5686-2 Moderate: Git Arbitrary Code Execution

ubuntu
Calendar Grey November 17, 2022
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-5690-1 highlights a security flaw in OpenSSH which could lead to unauthorized access or system instability.
Git could be made to crash or run programs as your login if it received specially crafted input.

Summary

Git could be made to crash or run programs as your login if it

received specially crafted input.

Software Description:

- git: fast, scalable, distributed revision control system

Details:

USN-5686-1 fixed several vulnerabilities in Git. This update

provides the corresponding fix for CVE-2022-39260 on Ubuntu 16.04 ESM.

Original advisory details:

Kevin Backhouse discovered that Git incorrectly handled certain command

strings. An attacker could possibly use this issue to cause a crash or

arbitrary code execution.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   git                             1:2.7.4-0ubuntu1.10+esm3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5686-2

https://ubuntu.com/security/notices/USN-5686-1

CVE-2022-39260

November 17, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.