Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryarbitrary code executionimportant update

SUSE Linux Micro: 2025:20049-1 important: git updates and issues

* bsc#1042640 * bsc#1061041 * bsc#1069468 * bsc#1082023 * bsc#1216545 . # Security update for git Announcement ID: SUSE-SU-2025:20049-1 Release Date: 2025-02-03T08:56:21Z Rating: important References: * bsc#1042640 * bsc#1061041 * bsc#1069468 * bsc#1082023 * bsc#1216545 * bsc#1218588 * bsc#1218664 * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 * bsc#779536 * jsc#SLE-17838 Cross-References: * CVE-2005-4900 * CVE-2017-14867 * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 CVSS scores: * CVE-2005-4900 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2017-14867 ( SUSE ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2017-14867 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves seven vulnerabilities, contains one feature and has six fixes can now be installed. ## Description: This update for git fixes the following issues: git was updated to 2.45.1: * CVE-2024-32002: recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168) * CVE-2024-32004: arbitrary code execution during local clones (bsc#1224170) * CVE-2024-32020: file overwriting vulnerability during local clones (bsc#1224171) * CVE-2024-32021: git may create hardlinks to arbitrary user- readable files (bsc#1224172) * CVE-2024-32465: arbitrary code execution during cloneoperations (bsc#1224173) Update to 2.45.0: * Improved efficiency managing repositories with many references ("git init --ref-format=reftable") * "git checkout -p" and friends learned that that "@" is a synonym for "HEAD" * cli improvements handling refs * Expanded a number of commands and options, UI improvements * status.showUntrackedFiles now accepts "true" * git-cherry-pick(1) now automatically drops redundant commits with new --empty option * The userdiff patterns for C# has been updated. Update to 2.44.0: * "git checkout -B " now longer allows switching to a branch that is in use on another worktree. The users need to use "\--ignore-other- worktrees" option. * Faster server-side rebases with git replay * Faster pack generation with multi-pack reuse * rebase auto-squashing now works in non-interactive mode * pathspec now understands attr, e.g. ':(attr:~binary) for selecting non- binaries, or builtin_objectmode for selecting items by file mode or other properties * Many other cli UI and internal improvements and extensions * Do not replace apparmor configuration, fixes bsc#1216545 Update to 2.43.2: * * Update to a new feature recently added, "git show-ref --exists". * Rename detection logic ignored the final line of a file if it is an incomplete line. * "git diff --no-rename A B" did not disable rename detection but did not trigger an error from the command line parser. * "git diff --no-index file1 file2" segfaulted while invoking the external diff driver, which has been corrected. * A failed "git tag -s" did not necessarily result in an error depending on the crypto backend, which has been corrected. * "git stash" sometimes was silent even when it failed due to unwritable index file, which has been corrected. * Recent conversion to allow more than 0/1 in GIT_FLUSH broke the mechanism by flipping what yes/no means by mistake, which has been corrected. Update to 2.43.1: * * gitweb AppArmorprofile: allow reading etc/gitweb-common.conf (bsc#1218664) * git moved to /usr/libexec/git/git, update AppArmor profile accordingly (bsc#1218588) Update to 2.43.0: * The "\--rfc" option of "git format-patch" used to be a valid way to override an earlier "\--subject-prefix= " on the command line and replace it with "[RFC PATCH]", but from this release, it merely prefixes the string "RFC " in front of the given subject prefix. If you are negatively affected by this change, please use "\--subject-prefix=PATCH --rfc" as a replacement. * In Git 2.42, "git rev-list --stdin" learned to take non-revisions (like "\--not") from the standard input, but the way such a "\--not" was handled was quite confusing, which has been rethought. The updated rule is that "\--not" given from the command line only affects revs given from the command line that comes but not revs read from the standard input, and "\--not" read from the standard input affects revs given from the standard input and not revs given from the command line. * A message written in olden time prevented a branch from getting checked out, saying it is already checked out elsewhere. But these days, we treat a branch that is being bisected or rebased just like a branch that is checked out and protect it from getting modified with the same codepath. The message has been rephrased to say that the branch is "in use" to avoid confusion. * Hourly and other schedules of "git maintenance" jobs are randomly distributed now. * "git cmd -h" learned to signal which options can be negated by listing such options like "\--[no-]opt". * The way authentication related data other than passwords (e.g., oauth token and password expiration data) are stored in libsecret keyrings has been rethought. * Update the libsecret and wincred credential helpers to correctly match which credential to erase; they erased the wrong entry in some cases. * Git GUI updates. * "git format-patch" learned anew "\--description-file" option that lets cover letter description to be fed; this can be used on detached HEAD where there is no branch description available, and also can override the branch description if there is one. * Use of the "\--max-pack-size" option to allow multiple packfiles to be created is now supported even when we are sending unreachable objects to cruft packs. * "git format-patch --rfc --subject-prefix= " used to ignore the "\--subject-prefix" option and used "[RFC PATCH]"; now we will add "RFC" prefix to whatever subject prefix is specified. * "git log --format" has been taught the %(decorate) placeholder for further customization over what the "\--decorate" option offers. * The default log message created by "git revert", when reverting a commit that records a revert, has been tweaked, to encourage people to describe complex "revert of revert of revert" situations better in their own words. * The command-line completion support (in contrib/) learned to complete "git commit --trailer=" for possible trailer keys. * "git update-index" learned the "\--show-index-version" option to inspect the index format version used by the on-disk index file. * "git diff" learned the "diff.statNameWidth" configuration variable, to give the default width for the name part in the "\--stat" output. * "git range-diff --notes=foo" compared "log --notes=foo --notes" of the two ranges, instead of using just the specified notes tree, which has been corrected to use only the specified notes tree. * The command line completion script (in contrib/) can be told to complete aliases by including ": git ;" in the alias to tell it that the alias should be completed in a similar way to how "git " is completed. The parsing code for the alias has been loosened to allow ';' without an extra space before it. * "git for-each-ref" and friends learned to apply mailmap to authorname and other fields in a more flexible way than usingseparate placeholder letters like %a[eElL] every time we want to come up with small variants. * "git repack" machinery learned to pay attention to the "\--filter=" option. * "git repack" learned the "\--max-cruft-size" option to prevent cruft packs from growing without bounds. * "git merge-tree" learned to take strategy backend specific options via the "-X" option, like "git merge" does. * "git log" and friends learned the "\--dd" option that is a short-hand for "\--diff-merges=first-parent -p". * The attribute subsystem learned to honor the "attr.tree" configuration variable that specifies which tree to read the .gitattributes files from. * "git merge-file" learns a mode to read three variants of the contents to be merged from blob objects. * see Update 2.42.1: * Fix "git diff" exit code handling ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-48=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * perl-Git-2.45.1-1.1 * git-debugsource-2.45.1-1.1 * git-core-2.45.1-1.1 * git-2.45.1-1.1 * git-core-debuginfo-2.45.1-1.1 * git-debuginfo-2.45.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2005-4900.html * https://www.suse.com/security/cve/CVE-2017-14867.html * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://bugzilla.suse.com/show_bug.cgi?id=1042640 * https://bugzilla.suse.com/show_bug.cgi?id=1061041 * https://bugzilla.suse.com/show_bug.cgi?id=1069468 * https://bugzilla.suse.com/show_bug.cgi?id=1082023 *https://bugzilla.suse.com/show_bug.cgi?id=1216545 * https://bugzilla.suse.com/show_bug.cgi?id=1218588 * https://bugzilla.suse.com/show_bug.cgi?id=1218664 * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173 * https://bugzilla.suse.com/show_bug.cgi?id=779536 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FSLE-17838&page_caps=&user_role= . This bulletin highlights significant upgrades for git on SUSE Linux Micro, focusing on essential concerns and security threats.. SUSE Linux Micro, git security, important update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 04, 2025 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryarbitrary code executionimportant update

SUSE Linux Micro: 2025:20049-1 important: git update fixes critical threats

* bsc#1042640 * bsc#1061041 * bsc#1069468 * bsc#1082023 * bsc#1216545 . # Security update for git Announcement ID: SUSE-SU-2025:20049-1 Release Date: 2025-02-03T08:56:21Z Rating: important References: * bsc#1042640 * bsc#1061041 * bsc#1069468 * bsc#1082023 * bsc#1216545 * bsc#1218588 * bsc#1218664 * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 * bsc#779536 * jsc#SLE-17838 Cross-References: * CVE-2005-4900 * CVE-2017-14867 * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 CVSS scores: * CVE-2005-4900 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2017-14867 ( SUSE ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2017-14867 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves seven vulnerabilities, contains one feature and has six fixes can now be installed. ## Description: This update for git fixes the following issues: git was updated to 2.45.1: * CVE-2024-32002: recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168) * CVE-2024-32004: arbitrary code execution during local clones (bsc#1224170) * CVE-2024-32020: file overwriting vulnerability during local clones (bsc#1224171) * CVE-2024-32021: git may create hardlinks to arbitrary user- readable files (bsc#1224172) * CVE-2024-32465: arbitrary code execution during cloneoperations (bsc#1224173) Update to 2.45.0: * Improved efficiency managing repositories with many references ("git init --ref-format=reftable") * "git checkout -p" and friends learned that that "@" is a synonym for "HEAD" * cli improvements handling refs * Expanded a number of commands and options, UI improvements * status.showUntrackedFiles now accepts "true" * git-cherry-pick(1) now automatically drops redundant commits with new --empty option * The userdiff patterns for C# has been updated. Update to 2.44.0: * "git checkout -B " now longer allows switching to a branch that is in use on another worktree. The users need to use "\--ignore-other- worktrees" option. * Faster server-side rebases with git replay * Faster pack generation with multi-pack reuse * rebase auto-squashing now works in non-interactive mode * pathspec now understands attr, e.g. ':(attr:~binary) for selecting non- binaries, or builtin_objectmode for selecting items by file mode or other properties * Many other cli UI and internal improvements and extensions * Do not replace apparmor configuration, fixes bsc#1216545 Update to 2.43.2: * * Update to a new feature recently added, "git show-ref --exists". * Rename detection logic ignored the final line of a file if it is an incomplete line. * "git diff --no-rename A B" did not disable rename detection but did not trigger an error from the command line parser. * "git diff --no-index file1 file2" segfaulted while invoking the external diff driver, which has been corrected. * A failed "git tag -s" did not necessarily result in an error depending on the crypto backend, which has been corrected. * "git stash" sometimes was silent even when it failed due to unwritable index file, which has been corrected. * Recent conversion to allow more than 0/1 in GIT_FLUSH broke the mechanism by flipping what yes/no means by mistake, which has been corrected. Update to 2.43.1: * * gitweb AppArmorprofile: allow reading etc/gitweb-common.conf (bsc#1218664) * git moved to /usr/libexec/git/git, update AppArmor profile accordingly (bsc#1218588) Update to 2.43.0: * The "\--rfc" option of "git format-patch" used to be a valid way to override an earlier "\--subject-prefix= " on the command line and replace it with "[RFC PATCH]", but from this release, it merely prefixes the string "RFC " in front of the given subject prefix. If you are negatively affected by this change, please use "\--subject-prefix=PATCH --rfc" as a replacement. * In Git 2.42, "git rev-list --stdin" learned to take non-revisions (like "\--not") from the standard input, but the way such a "\--not" was handled was quite confusing, which has been rethought. The updated rule is that "\--not" given from the command line only affects revs given from the command line that comes but not revs read from the standard input, and "\--not" read from the standard input affects revs given from the standard input and not revs given from the command line. * A message written in olden time prevented a branch from getting checked out, saying it is already checked out elsewhere. But these days, we treat a branch that is being bisected or rebased just like a branch that is checked out and protect it from getting modified with the same codepath. The message has been rephrased to say that the branch is "in use" to avoid confusion. * Hourly and other schedules of "git maintenance" jobs are randomly distributed now. * "git cmd -h" learned to signal which options can be negated by listing such options like "\--[no-]opt". * The way authentication related data other than passwords (e.g., oauth token and password expiration data) are stored in libsecret keyrings has been rethought. * Update the libsecret and wincred credential helpers to correctly match which credential to erase; they erased the wrong entry in some cases. * Git GUI updates. * "git format-patch" learned anew "\--description-file" option that lets cover letter description to be fed; this can be used on detached HEAD where there is no branch description available, and also can override the branch description if there is one. * Use of the "\--max-pack-size" option to allow multiple packfiles to be created is now supported even when we are sending unreachable objects to cruft packs. * "git format-patch --rfc --subject-prefix= " used to ignore the "\--subject-prefix" option and used "[RFC PATCH]"; now we will add "RFC" prefix to whatever subject prefix is specified. * "git log --format" has been taught the %(decorate) placeholder for further customization over what the "\--decorate" option offers. * The default log message created by "git revert", when reverting a commit that records a revert, has been tweaked, to encourage people to describe complex "revert of revert of revert" situations better in their own words. * The command-line completion support (in contrib/) learned to complete "git commit --trailer=" for possible trailer keys. * "git update-index" learned the "\--show-index-version" option to inspect the index format version used by the on-disk index file. * "git diff" learned the "diff.statNameWidth" configuration variable, to give the default width for the name part in the "\--stat" output. * "git range-diff --notes=foo" compared "log --notes=foo --notes" of the two ranges, instead of using just the specified notes tree, which has been corrected to use only the specified notes tree. * The command line completion script (in contrib/) can be told to complete aliases by including ": git ;" in the alias to tell it that the alias should be completed in a similar way to how "git " is completed. The parsing code for the alias has been loosened to allow ';' without an extra space before it. * "git for-each-ref" and friends learned to apply mailmap to authorname and other fields in a more flexible way than usingseparate placeholder letters like %a[eElL] every time we want to come up with small variants. * "git repack" machinery learned to pay attention to the "\--filter=" option. * "git repack" learned the "\--max-cruft-size" option to prevent cruft packs from growing without bounds. * "git merge-tree" learned to take strategy backend specific options via the "-X" option, like "git merge" does. * "git log" and friends learned the "\--dd" option that is a short-hand for "\--diff-merges=first-parent -p". * The attribute subsystem learned to honor the "attr.tree" configuration variable that specifies which tree to read the .gitattributes files from. * "git merge-file" learns a mode to read three variants of the contents to be merged from blob objects. * see Update 2.42.1: * Fix "git diff" exit code handling ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-48=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * git-debugsource-2.45.1-1.1 * git-core-2.45.1-1.1 * git-core-debuginfo-2.45.1-1.1 * git-2.45.1-1.1 * git-debuginfo-2.45.1-1.1 * perl-Git-2.45.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2005-4900.html * https://www.suse.com/security/cve/CVE-2017-14867.html * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://bugzilla.suse.com/show_bug.cgi?id=1042640 * https://bugzilla.suse.com/show_bug.cgi?id=1061041 * https://bugzilla.suse.com/show_bug.cgi?id=1069468 * https://bugzilla.suse.com/show_bug.cgi?id=1082023 *https://bugzilla.suse.com/show_bug.cgi?id=1216545 * https://bugzilla.suse.com/show_bug.cgi?id=1218588 * https://bugzilla.suse.com/show_bug.cgi?id=1218664 * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173 * https://bugzilla.suse.com/show_bug.cgi?id=779536 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FSLE-17838&page_caps=&user_role= . Crucial enhancement release for git on SUSE Linux Micro addresses severe vulnerabilities and enhances performance.. git security update,SUSE Linux Micro,important vulnerabilities,code execution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 04, 2025 Important SuSE
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryarbitrary code executionimportant

SUSE 12 SP5: 2025:0197-1 important: git arbitrary code execution

* bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 . # Security update for git Announcement ID: SUSE-SU-2025:0197-1 Release Date: 2025-01-21T10:03:39Z Rating: important References: * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 * bsc#1235600 * bsc#1235601 Cross-References: * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 * CVE-2024-50349 * CVE-2024-52006 CVSS scores: * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-50349 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-50349 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-52006 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-52006 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-32002: Fix recursive clones on case-insensitivefilesystems that support symbolic links are susceptible to case confusion. (bsc#1224168) * CVE-2024-32004: Fixed arbitrary code execution during local clones. (bsc#1224170) * CVE-2024-32020: Fix file overwriting vulnerability during local clones. (bsc#1224171) * CVE-2024-32021: Git may create hardlinks to arbitrary user-readable files. (bsc#1224172) * CVE-2024-32465: Fixed arbitrary code execution during clone operations. (bsc#1224173) * CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600). * CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-197=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-197=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * git-daemon-debuginfo-2.26.2-27.78.1 * git-debugsource-2.26.2-27.78.1 * git-svn-2.26.2-27.78.1 * git-daemon-2.26.2-27.78.1 * git-core-2.26.2-27.78.1 * git-2.26.2-27.78.1 * git-email-2.26.2-27.78.1 * git-cvs-2.26.2-27.78.1 * git-core-debuginfo-2.26.2-27.78.1 * git-web-2.26.2-27.78.1 * gitk-2.26.2-27.78.1 * git-gui-2.26.2-27.78.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * git-daemon-debuginfo-2.26.2-27.78.1 * git-debugsource-2.26.2-27.78.1 * git-svn-2.26.2-27.78.1 * git-daemon-2.26.2-27.78.1 * git-core-2.26.2-27.78.1 * git-2.26.2-27.78.1 * git-email-2.26.2-27.78.1 * git-cvs-2.26.2-27.78.1 * git-core-debuginfo-2.26.2-27.78.1 * git-web-2.26.2-27.78.1 * gitk-2.26.2-27.78.1 *git-gui-2.26.2-27.78.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://www.suse.com/security/cve/CVE-2024-50349.html * https://www.suse.com/security/cve/CVE-2024-52006.html * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173 * https://bugzilla.suse.com/show_bug.cgi?id=1235600 * https://bugzilla.suse.com/show_bug.cgi?id=1235601 . Crucial security patches for Git resolve significant vulnerabilities found in SUSE. Immediate updates are accessible for impacted versions.. SUSE Linux Enterprise, Git Security Advisory, Vulnerability Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 21, 2025 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantarbitrary code

SUSE: 2024:1807-2 Important: Git Security Issues and Fixes

* bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 . # Security update for git Announcement ID: SUSE-SU-2024:1807-2 Rating: important References: * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 Cross-References: * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 CVSS scores: * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves five vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-32002: Fixed recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168). * CVE-2024-32004: Fixed arbitrary code execution during local clones (bsc#1224170). * CVE-2024-32020: Fixed file overwriting vulnerability during local clones (bsc#1224171). * CVE-2024-32021: Fixed git may create hardlinks to arbitrary user-readable files (bsc#1224172). * CVE-2024-32465: Fixed arbitrary code execution during clone operations (bsc#1224173). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1807=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * perl-Git-2.35.3-150300.10.39.1 *git-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173 . A new Git security update for SUSE Linux Enterprise Micro 5.5 addresses vulnerabilities risking code execution and unauthorized access. Prompt patching is essential. SUSE Linux, git security, patch update, case confusion, code execution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 12, 2024 Important SuSE
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysoftware updatecode execution

SUSE: 2024:1807-1 Important: Git Execution Risk Advisory

* bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 . # Security update for git Announcement ID: SUSE-SU-2024:1807-1 Rating: important References: * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 Cross-References: * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 CVSS scores: * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail BranchServer 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-32002: Fixed recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168). * CVE-2024-32004: Fixed arbitrary code execution during local clones (bsc#1224170). * CVE-2024-32020: Fixed file overwriting vulnerability during local clones (bsc#1224171). * CVE-2024-32021: Fixed git may create hardlinks to arbitrary user-readable files (bsc#1224172). * CVE-2024-32465: Fixed arbitrary code execution during clone operations (bsc#1224173). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1807=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1807=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1807=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1807=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1807=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1807=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1807=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1807=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1807=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -tpatch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1807=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1807=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1807=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1807=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1807=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1807=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1807=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1807=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * git-credential-libsecret-2.35.3-150300.10.39.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.39.1 * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-p4-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * openSUSE Leap 15.5 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 *git-debugsource-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * git-daemon-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * Development Tools Module 15-SP5 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 *git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3(aarch64 ppc64le s390x x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 *git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Manager Proxy 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 *git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Enterprise Storage 7.1 (noarch) * git-doc-2.35.3-150300.10.39.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * git-credential-libsecret-2.35.3-150300.10.39.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.39.1 * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-p4-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * openSUSE Leap 15.3 (noarch) * git-doc-2.35.3-150300.10.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173 . Essential patches for git security flaws identified within SUSE environments, addressing problems such as case sensitivity errors and potential execution of unauthorized code.. SUSEGit Advisory, Security Update, Linux Package Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 29, 2024 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here