You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa git

Sigurnosni nedostaci programskog paketa git

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4220-1
December 10, 2019

git vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.10
– Ubuntu 19.04
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Git.

Software Description:
– git: fast, scalable, distributed revision control system

Details:

Joern Schneeweisz and Nicolas Joly discovered that Git contained various
security flaws. An attacker could possibly use these issues to overwrite
arbitrary paths, execute arbitrary code, and overwrite files in the .git
directory.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
git 1:2.20.1-2ubuntu1.19.10.1

Ubuntu 19.04:
git 1:2.20.1-2ubuntu1.19.04.1

Ubuntu 18.04 LTS:
git 1:2.17.1-1ubuntu0.5

Ubuntu 16.04 LTS:
git 1:2.7.4-0ubuntu1.7

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4220-1
CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351,
CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387,
CVE-2019-19604

Package Information:
https://launchpad.net/ubuntu/+source/git/1:2.20.1-2ubuntu1.19.10.1
https://launchpad.net/ubuntu/+source/git/1:2.20.1-2ubuntu1.19.04.1
https://launchpad.net/ubuntu/+source/git/1:2.17.1-1ubuntu0.5
https://launchpad.net/ubuntu/+source/git/1:2.7.4-0ubuntu1.7

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl3v998ACgkQZWnYVadE
vpMLRg/8DUwOuccLWambDOSrTe2PBq6YL5JCFYaZE4X7a3HGfhsw8mbILEMjWEsl
9q1pWyYsW/2gl8nEN/oAp1M2/Kp8M5f5gLC/LI2aT+handKJAAy5a3ExkW/HCWEg
xJuoIAS4ijDE6VUoxQGXmSSNfoq0HE4PuFOBhHWBtaGPy+eGf5rbjQ8KpwwChiOO
aKpmmPnLoW8U6Oqx89xkWYrgt5lQvoimQfopAv31Oa++gJKjl6no1mcRgGHLKYx8
HZ4ZInLPyTDSlmYJz+VZ7zLyRr8+ZIrwQIMhKdrUAlN3UobB9o6AzrUgyw6BaGMK
SrKSf8PJeNv5bOkmAbbYBz8iahVSUijN5HgFMTfSbHo6V0RclU0gGqjUg/6b7t4k
brjCcH6WYBJO0/nk5owdR/hrqQZppXdAONSHX1B/G63kd71zPiCq283SHUUR07Gw
rcQIMdwUWUUSgfInN36g6nyDGMLydAAbk+bE3OocEouWNKTblvYwmb0yNbGzKUtL
fKqjfYrmVUq4qjhOSe90AcPbOSkjaFH3nI1OSd9uxTpmEyvxB/1TH3WNcYDQoZuo
Af30bitlIUqYu2ny27b9K4WeAfzE/baW+uklLT7BTz8hXR6zYsVJ253Q5ndQTbkq
TnThOrrt4q/WAMqDGqmG93R4mFBMsZRaohFZfe0VsesuNOU6QEk=
=xJvk
—–END PGP SIGNATURE—–

AutorToni Vugdelija
Cert idNCERT-REF-2019-12-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libssh

Otkriven je sigurnosni nedostatak programske biblioteke libssh za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog koda....

Close