Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
202
security advisorysecurity issueupdateopenSUSE Tumbleweed: 2025:14652-1 moderate: git-2.48.1-1.1 Security Issue
An update that solves one vulnerability can now be installed.. # git-2.48.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:14652-1 Rating: moderate Cross-References: * CVE-2024-50349 CVSS scores: * CVE-2024-50349 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the git-2.48.1-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * git 2.48.1-1.1 * git-arch 2.48.1-1.1 * git-core 2.48.1-1.1 * git-credential-libsecret 2.48.1-1.1 * git-cvs 2.48.1-1.1 * git-daemon 2.48.1-1.1 * git-doc 2.48.1-1.1 * git-email 2.48.1-1.1 * git-gui 2.48.1-1.1 * git-p4 2.48.1-1.1 * git-svn 2.48.1-1.1 * git-web 2.48.1-1.1 * gitk 2.48.1-1.1 * perl-Git 2.48.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50349.html . openSUSE Tumbleweed has upgraded to git-2.48.1-1.1 for addressing a significant security concern. For in-depth information, please refer to the advisory.. openSUSE Advisory, git Update, Security Issue, Software Update, Moderate Severity. . LinuxSecurity.com Team
Jan 17, 2025
OpenSUSE
199
security advisorycritical issuesecurity issueCentOS: CESA-2023-0978 Critical: Git Package Security Issue
Upstream details at : https://access.redhat.com/errata/RHSA-2023:0978. CentOS Errata and Security Advisory 2023:0978 Important Upstream details at : https://access.redhat.com/errata/RHSA-2023:0978 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 72415fc89f5dcb558370bd92e670638fc9add9ad19ba4ee77ef546520c9a9e39 emacs-git-1.8.3.1-24.el7_9.noarch.rpm 2d55f68e1a5fb1da8eb138aca00951f0f028a8f3db6a4427488b57f1c043891e emacs-git-el-1.8.3.1-24.el7_9.noarch.rpm d977ef2c9e09f15898d44de8446c4e0984f357c637fa6b2194f05cf87e8abc29 git-1.8.3.1-24.el7_9.x86_64.rpm 48db0a9dafc6ecf4c0b955075d04ff198a44fa5b1bdea37a0f03af3d9d75e1a6 git-all-1.8.3.1-24.el7_9.noarch.rpm 3e669a493af1a126cce0a77eecae0864765c9b701b5640962ecfa5a8ec1afc30 git-bzr-1.8.3.1-24.el7_9.noarch.rpm a0b6efe5d9993351a08c5873bc1be89455d96a5535d9bf69e24384ab21850577 git-cvs-1.8.3.1-24.el7_9.noarch.rpm 4a1eda7aca52060e944393a7b40798a1e90bbd8b4ffcf3bdfe5779ccbe2acc43 git-daemon-1.8.3.1-24.el7_9.x86_64.rpm 2f40644349b7b023a5ac1b6045dc14e19a4d5af38ffd90e8907d4b98929b12b2 git-email-1.8.3.1-24.el7_9.noarch.rpm eace35203de4fbc64ea081a27197877a56615d25b23b30e79f559209ff736310 git-gnome-keyring-1.8.3.1-24.el7_9.x86_64.rpm 6a1b6459f1f724a4030deb520745ead7657fcaae71a35ba2905022d5da341997 git-gui-1.8.3.1-24.el7_9.noarch.rpm 7f8cb3fbedf15a4146ccc43a641071e7f99fbde04c72526476d5cd90545e4644 git-hg-1.8.3.1-24.el7_9.noarch.rpm 37146ed7255163cbdf3bb94a0f5e8ea9cb46eeddd0d269546fb213017f212548 git-instaweb-1.8.3.1-24.el7_9.noarch.rpm b649840984828bb702a86f59b74053d9fb62a7d9512eed421f9ac6fd2c5e648a gitk-1.8.3.1-24.el7_9.noarch.rpm 4f181bcb90816497b5e18006556c8e9c5e26bb5a1da4f5be2acce0472c81866d git-p4-1.8.3.1-24.el7_9.noarch.rpm 37036b6e228127d501401f8546d504c70f6e51fcc1271a33342effbc6d6a62cd git-svn-1.8.3.1-24.el7_9.x86_64.rpm 84b71cd28250d68d8dd0c9a9da4983782f0ef2c5888c5734b7d12841ff61313b gitweb-1.8.3.1-24.el7_9.noarch.rpm 8e6103f5bc92eabbe008d9d10cd7ea86a1fd82eed882657037c36f9c0dd9ef59 perl-Git-1.8.3.1-24.el7_9.noarch.rpm d666c7aa2c9af7b68e1d9bb3646d95b078ea804f6833a701a44fd99fac4c9ae2 perl-Git-SVN-1.8.3.1-24.el7_9.noarch.rpm Source: 188779028ec3e5d4e43e7a0edf533c75725d9086138c787db9f4792636513939 git-1.8.3.1-24.el7_9.src.rpm -- Johnny Hughes CentOS Project { https://www.centos.org/ } irc: hughesjr, #
Mar 01, 2023
•Critical
CentOS
198
security advisorysecurity issueremote code executionArch Linux: 202103-3 Low Severity: Git Arbitrary Code Execution
The package git before version 2.30.2-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-202103-3 ======================================== Severity: Low Date : 2021-03-13 CVE-ID : CVE-2021-21300 Package : git Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1665 Summary ====== The package git before version 2.30.2-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 2.30.2-1. # pacman -Syu "git> =2.30.2-1" The problem has been fixed upstream in version 2.30.2. Workaround ========= None. Description ========== In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS. Note that clean/smudge filters have to be configured for that. As a workaround, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6. Impact ===== Under certain circumstances, a remote attacker might be able to execute arbitrary code by getting a local user to clone a crafted repository. References ========= https://github.com/git/git/security/advisories/GHSA-8prw-h3cq-mghm https://lore.kernel.org/git/
Mar 20, 2021
•Low
ArchLinux
198
security advisoryhigh severityinformation disclosureArch Linux: 202004-21 High Severity: Git Information Disclosure
The package git before version 2.26.2-1 is vulnerable to information disclosure. . Arch Linux Security Advisory ASA-202004-21 ========================================= Severity: High Date : 2020-04-22 CVE-ID : CVE-2020-11008 Package : git Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-1138 Summary ====== The package git before version 2.26.2-1 is vulnerable to information disclosure. Resolution ========= Upgrade to 2.26.2-1. # pacman -Syu "git> =2.26.2-1" The problem has been fixed upstream in version 2.26.2. Workaround ========= None. Description ========== A vulnerability has been found in git before 2.26.2. With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providing credential information that is not appropriate for the protocol in use and host being contacted. Unlike the vulnerability CVE-2020-5260 fixed in v2.26.1, the credentials are not for a host of the attacker's choosing; instead, they are for some unspecified host (based on how the configured credential helper handles an absent "host" parameter). The attack has been made impossible by refusing to work with under-specified credential patterns. Impact ===== A remote attacker might be able to retrieve passwords or other credentials by tricking a user into cloning from a crafted URL, either directly or via Git submodules, or package systems built around Git. References ========= https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7 https://github.com/git/git/compare/v2.17.4...v2.17.5 https://security.archlinux.org/CVE-2020-11008 . The Arch Linux Security Advisory ASA-202004-22 details a critical vulnerability related to privilege escalation in the curl package.. information disclosure, Arch Linux, git package, security advisory, high severity. . LinuxSecurity.com Team
Apr 30, 2020
ArchLinux
98
security advisoryRed Hatmoderate impactRed Hat 7: RHSA-2015:2515-01 Moderate: Git19 Arbitrary Code Issue
Updated git19-git packages that fix one security issue are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: git19-git security update Advisory ID: RHSA-2015:2515-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2015:2515.html Issue date: 2015-11-25 ==================================================================== 1. Summary: Updated git19-git packages that fix one security issue are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-servermodel, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the user's system. (BZ#1269794) All git19-git users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1269794 - git: arbitrary code execution via crafted URLs 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: git19-git-1.9.4-3.el6.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el6.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el6.1.noarch.rpm git19-git-all-1.9.4-3.el6.1.noarch.rpm git19-git-cvs-1.9.4-3.el6.1.noarch.rpm git19-git-email-1.9.4-3.el6.1.noarch.rpm git19-git-gui-1.9.4-3.el6.1.noarch.rpm git19-gitk-1.9.4-3.el6.1.noarch.rpm git19-gitweb-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el6.1.noarch.rpm x86_64: git19-git-1.9.4-3.el6.1.x86_64.rpm git19-git-daemon-1.9.4-3.el6.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el6.1.x86_64.rpm git19-git-svn-1.9.4-3.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.6.5): Source: git19-git-1.9.4-3.el6.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el6.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el6.1.noarch.rpm git19-git-all-1.9.4-3.el6.1.noarch.rpm git19-git-cvs-1.9.4-3.el6.1.noarch.rpm git19-git-email-1.9.4-3.el6.1.noarch.rpm git19-git-gui-1.9.4-3.el6.1.noarch.rpm git19-gitk-1.9.4-3.el6.1.noarch.rpm git19-gitweb-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el6.1.noarch.rpm x86_64: git19-git-1.9.4-3.el6.1.x86_64.rpm git19-git-daemon-1.9.4-3.el6.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el6.1.x86_64.rpm git19-git-svn-1.9.4-3.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: git19-git-1.9.4-3.el6.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el6.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el6.1.noarch.rpm git19-git-all-1.9.4-3.el6.1.noarch.rpm git19-git-cvs-1.9.4-3.el6.1.noarch.rpm git19-git-email-1.9.4-3.el6.1.noarch.rpm git19-git-gui-1.9.4-3.el6.1.noarch.rpm git19-gitk-1.9.4-3.el6.1.noarch.rpm git19-gitweb-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el6.1.noarch.rpm x86_64: git19-git-1.9.4-3.el6.1.x86_64.rpm git19-git-daemon-1.9.4-3.el6.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el6.1.x86_64.rpm git19-git-svn-1.9.4-3.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: git19-git-1.9.4-3.el6.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el6.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el6.1.noarch.rpm git19-git-all-1.9.4-3.el6.1.noarch.rpm git19-git-cvs-1.9.4-3.el6.1.noarch.rpm git19-git-email-1.9.4-3.el6.1.noarch.rpm git19-git-gui-1.9.4-3.el6.1.noarch.rpm git19-gitk-1.9.4-3.el6.1.noarch.rpm git19-gitweb-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el6.1.noarch.rpm x86_64: git19-git-1.9.4-3.el6.1.x86_64.rpm git19-git-daemon-1.9.4-3.el6.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el6.1.x86_64.rpm git19-git-svn-1.9.4-3.el6.1.x86_64.rpm Red Hat SoftwareCollections for Red Hat Enterprise Linux Workstation (v. 6): Source: git19-git-1.9.4-3.el6.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el6.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el6.1.noarch.rpm git19-git-all-1.9.4-3.el6.1.noarch.rpm git19-git-cvs-1.9.4-3.el6.1.noarch.rpm git19-git-email-1.9.4-3.el6.1.noarch.rpm git19-git-gui-1.9.4-3.el6.1.noarch.rpm git19-gitk-1.9.4-3.el6.1.noarch.rpm git19-gitweb-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-1.9.4-3.el6.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el6.1.noarch.rpm x86_64: git19-git-1.9.4-3.el6.1.x86_64.rpm git19-git-daemon-1.9.4-3.el6.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el6.1.x86_64.rpm git19-git-svn-1.9.4-3.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: git19-git-1.9.4-3.el7.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el7.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el7.1.noarch.rpm git19-git-all-1.9.4-3.el7.1.noarch.rpm git19-git-bzr-1.9.4-3.el7.1.noarch.rpm git19-git-cvs-1.9.4-3.el7.1.noarch.rpm git19-git-email-1.9.4-3.el7.1.noarch.rpm git19-git-gui-1.9.4-3.el7.1.noarch.rpm git19-git-hg-1.9.4-3.el7.1.noarch.rpm git19-gitk-1.9.4-3.el7.1.noarch.rpm git19-gitweb-1.9.4-3.el7.1.noarch.rpm git19-perl-Git-1.9.4-3.el7.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el7.1.noarch.rpm x86_64: git19-git-1.9.4-3.el7.1.x86_64.rpm git19-git-daemon-1.9.4-3.el7.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el7.1.x86_64.rpm git19-git-svn-1.9.4-3.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.1): Source: git19-git-1.9.4-3.el7.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el7.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el7.1.noarch.rpm git19-git-all-1.9.4-3.el7.1.noarch.rpm git19-git-bzr-1.9.4-3.el7.1.noarch.rpm git19-git-cvs-1.9.4-3.el7.1.noarch.rpm git19-git-email-1.9.4-3.el7.1.noarch.rpm git19-git-gui-1.9.4-3.el7.1.noarch.rpm git19-git-hg-1.9.4-3.el7.1.noarch.rpm git19-gitk-1.9.4-3.el7.1.noarch.rpm git19-gitweb-1.9.4-3.el7.1.noarch.rpm git19-perl-Git-1.9.4-3.el7.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el7.1.noarch.rpm x86_64: git19-git-1.9.4-3.el7.1.x86_64.rpm git19-git-daemon-1.9.4-3.el7.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el7.1.x86_64.rpm git19-git-svn-1.9.4-3.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: git19-git-1.9.4-3.el7.1.src.rpm noarch: git19-emacs-git-1.9.4-3.el7.1.noarch.rpm git19-emacs-git-el-1.9.4-3.el7.1.noarch.rpm git19-git-all-1.9.4-3.el7.1.noarch.rpm git19-git-bzr-1.9.4-3.el7.1.noarch.rpm git19-git-cvs-1.9.4-3.el7.1.noarch.rpm git19-git-email-1.9.4-3.el7.1.noarch.rpm git19-git-gui-1.9.4-3.el7.1.noarch.rpm git19-git-hg-1.9.4-3.el7.1.noarch.rpm git19-gitk-1.9.4-3.el7.1.noarch.rpm git19-gitweb-1.9.4-3.el7.1.noarch.rpm git19-perl-Git-1.9.4-3.el7.1.noarch.rpm git19-perl-Git-SVN-1.9.4-3.el7.1.noarch.rpm x86_64: git19-git-1.9.4-3.el7.1.x86_64.rpm git19-git-daemon-1.9.4-3.el7.1.x86_64.rpm git19-git-debuginfo-1.9.4-3.el7.1.x86_64.rpm git19-git-svn-1.9.4-3.el7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWVf0xXlSAg2UNWIIRAnekAKCvh5z9bVlRkeGe9/5wGJUNvHSGEACfX8EU zsqtxmbc4gw+WPGLNg8IbeU=EIuV -----END PGPSIGNATURE----- -- Enterprise-watch-list mailing list
Nov 25, 2015
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!