A git security update has been released for AlmaLinux 8.

ALSA-2023:0610 Important: git security update

Type:
security

Severity:
important

Release date:
2023-02-07

Description
Security Fix(es):
* git: gitattributes parsing integer overflow (CVE-2022-23521)
* git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
RHSA-2023:0610
CVE-2022-23521
CVE-2022-41903
ALSA-2023:0610

Updates packages:
git-email-2.31.1-3.el8_7.noarch.rpm
perl-Git-SVN-2.31.1-3.el8_7.noarch.rpm
git-core-doc-2.31.1-3.el8_7.noarch.rpm
git-instaweb-2.31.1-3.el8_7.noarch.rpm
gitk-2.31.1-3.el8_7.noarch.rpm
git-all-2.31.1-3.el8_7.noarch.rpm
git-svn-2.31.1-3.el8_7.noarch.rpm
gitweb-2.31.1-3.el8_7.noarch.rpm
git-gui-2.31.1-3.el8_7.noarch.rpm
perl-Git-2.31.1-3.el8_7.noarch.rpm
git-credential-libsecret-2.31.1-3.el8_7.s390x.rpm
git-daemon-2.31.1-3.el8_7.s390x.rpm
git-core-2.31.1-3.el8_7.s390x.rpm
git-2.31.1-3.el8_7.s390x.rpm
git-subtree-2.31.1-3.el8_7.s390x.rpm
git-2.31.1-3.el8_7.x86_64.rpm
git-subtree-2.31.1-3.el8_7.x86_64.rpm
git-daemon-2.31.1-3.el8_7.x86_64.rpm
git-core-2.31.1-3.el8_7.x86_64.rpm
git-credential-libsecret-2.31.1-3.el8_7.x86_64.rpm
git-core-2.31.1-3.el8_7.aarch64.rpm
git-daemon-2.31.1-3.el8_7.aarch64.rpm
git-credential-libsecret-2.31.1-3.el8_7.aarch64.rpm
git-2.31.1-3.el8_7.aarch64.rpm
git-subtree-2.31.1-3.el8_7.aarch64.rpm
git-core-2.31.1-3.el8_7.ppc64le.rpm
git-2.31.1-3.el8_7.ppc64le.rpm
git-subtree-2.31.1-3.el8_7.ppc64le.rpm
git-daemon-2.31.1-3.el8_7.ppc64le.rpm
git-credential-libsecret-2.31.1-3.el8_7.ppc64le.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:0610 Important: git security update