Release Info

Advisory: CLSA-2025:1754342893

OS: CentOS 8.5 ELS

Public date: 2025-08-04 21:28:15.814359

Project: git

Version: 2.27.0-1.el8.tuxcare.els8

Errata link: https://errata.tuxcare.com/els_os/centos8.5els/CLSA-2025-1754342893.html

Changelog

- CVE-2025-27614: fix a vulnerability in Gitk that allowed arbitrary script execution via specially crafted filenames in a repository - CVE-2025-27614: fix a vulnerability in Gitk that allowed arbitrary file creation/truncation - CVE-2025-46835: fix a vulnerability in Git GUI where editing files in maliciously named directories could lead to arbitrary file overwrite

Update

Update command: dnf update git*

Packages list

git-2.27.0-1.el8.tuxcare.els8.x86_64.rpm git-all-2.27.0-1.el8.tuxcare.els8.noarch.rpm git-core-2.27.0-1.el8.tuxcare.els8.x86_64.rpm git-core-doc-2.27.0-1.el8.tuxcare.els8.noarch.rpm git-credential-libsecret-2.27.0-1.el8.tuxcare.els8.x86_64.rpm git-daemon-2.27.0-1.el8.tuxcare.els8.x86_64.rpm git-email-2.27.0-1.el8.tuxcare.els8.noarch.rpm git-gui-2.27.0-1.el8.tuxcare.els8.noarch.rpm git-instaweb-2.27.0-1.el8.tuxcare.els8.noarch.rpm git-subtree-2.27.0-1.el8.tuxcare.els8.x86_64.rpm git-svn-2.27.0-1.el8.tuxcare.els8.noarch.rpm gitk-2.27.0-1.el8.tuxcare.els8.noarch.rpm gitweb-2.27.0-1.el8.tuxcare.els8.noarch.rpm perl-Git-2.27.0-1.el8.tuxcare.els8.noarch.rpm perl-Git-SVN-2.27.0-1.el8.tuxcare.els8.noarch.rpm

CVEs

CVE-2025-27613
CVE-2025-6491
CVE-2025-27614
CVE-2025-46835