drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Git
| Name: |
Zwei Probleme in Git |
|
| ID: |
USN-7207-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10 |
|
| Datum: |
Mi, 15. Januar 2025, 06:39 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2024-52006
https://www.cve.org/CVERecord?id=CVE-2024-50349 |
|
| Applikationen: |
Git |
|
Originalnachricht |
--===============3947035383005606317==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="r5Pyd7+fXNt84Ff3"
Content-Disposition: inline
--r5Pyd7+fXNt84Ff3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-7207-1
January 14, 2025
git vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in Git.
Software Description:
- git: fast, scalable, distributed revision control system
Details:
It was discovered that Git incorrectly handled certain URLs when
asking for credentials. An attacker could possibly use this
issue to mislead the user into typing passwords for trusted
sites that would then be sent to untrusted sites instead.
(CVE-2024-50349)
It was discovered that git incorrectly handled line endings when
using credential helpers. (CVE-2024-52006)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
git 1:2.45.2-1ubuntu1.1
Ubuntu 24.04 LTS
git 1:2.43.0-1ubuntu7.2
Ubuntu 22.04 LTS
git 1:2.34.1-1ubuntu1.12
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7207-1
CVE-2024-50349, CVE-2024-52006
Package Information:
https://launchpad.net/ubuntu/+source/git/1:2.45.2-1ubuntu1.1
https://launchpad.net/ubuntu/+source/git/1:2.43.0-1ubuntu7.2
https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.12
--r5Pyd7+fXNt84Ff3
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmeG5h4ACgkQRbznW4QL
H2n7dxAAgG7b11dS1Lodnr1hYZS2j8EmwicxIDxG8IKrn1thzUj2rVW0f42CwEl1
3pPyGaoWfCKHsOItTCaZJB6yFjz3Hx4roKrEAzh+jiMT0qvWU8lFtLUknKkrzIEm
uYdMAvoZCGH8GKMZKEAEPg508pYWxcDcpwzz7W29deCfqKrgvYuF3S5rfMnXYNow
zUVGMbWQlyeIGnK/CwziLvoGHJs0W3zhpEWHVfZd5pzMZZzccEcUUZvgF3ikhEqe
Mj7URivfSfC6Q2mtDaul78OUcg407WprulolA8ZVFtd04+qHtA+UeGauG+ktUhMl
4Os36m/rVcVinSb8R6Yf4uvjDuEzgr/hcRGR+8swP4iYdynEkVRWqiq0i5kQA+0P
oEYJDlwN20bO2EyA2TA1MpyaTyHGgCwoE9ws8l76/S+UkH84L67uA8aBgYnPSg/2
LCPtrv9GsHRtpwXfvd+ZLd/WmRzmhFjqZLYw5kV09/wfnpSi8w8VI2bnc3ev3qjf
oangaLzsaOV5yK9B/PUkF4GXX2fBk483B8QbjTSAcZ1uKgCaK1vT2xZRb+sw93RF
+LNZAmjTo0efnlth6CDjUfCvm6F2hX6tQcGu2zrdlUGP0ft1+LQLMNS96f4s+TaY
0vpvr9xjLXhbeXlv4Gq7uvyk9BCF2Ms7RwPhzPZwsupT8ow1vmM=
=4Cvo
-----END PGP SIGNATURE-----
--r5Pyd7+fXNt84Ff3--
--===============3947035383005606317==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--===============3947035383005606317==--
|
|
|
|
