Release Info

Advisory: CLSA-2024:1728056367

OS: Ubuntu 18.04 ELS

Public date: 2024-10-04 11:39:30

Project: git

Version: 1:2.17.1-1ubuntu0.18+tuxcare.els3

Errata link: https://errata.cloudlinux.com/ubuntu18-els/CLSA-2024-1728056367.html

Changelog

* SECURITY UPDATE: Bypass of protections in untrusted repositories - debian/patches/CVE-2024-32465.patch: Disable lazy-fetching by default in upload-pack to prevent arbitrary command execution during clone/fetch - CVE-2024-32465

Update

Update command: apt-get update apt-get --only-upgrade install git*

Packages list

git_2.17.1-1ubuntu0.18+tuxcare.els3_amd64.deb git-all_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-cvs_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-doc_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-el_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-email_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-gui_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-man_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb git-svn_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb gitk_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb gitweb_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb

CVEs

CVE-2024-32465