[CLSA-2024:1728056367] Fix CVE(s): CVE-2024-32465
Type:
security
Severity:
Important
Release date:
2024-10-04 15:39:32 UTC
Description:
* SECURITY UPDATE: Bypass of protections in untrusted repositories - debian/patches/CVE-2024-32465.patch: Disable lazy-fetching by default in upload-pack to prevent arbitrary command execution during clone/fetch - CVE-2024-32465
Updated packages:
  • git_2.17.1-1ubuntu0.18+tuxcare.els3_amd64.deb
    sha:4dc4481bc8ec755c6d14510d36b0b12c61d77ad2
  • git-all_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:ace223711c747262118f3ea234c02b4c1ec5d6ea
  • git-cvs_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:09c67f24a6774c77eff940ee44f1534aeafe2051
  • git-daemon-run_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:506dddcd306c3fba13e8a80101995a5898be1422
  • git-daemon-sysvinit_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:e53d2b11cbe729c586d8638bc0ce192fa69a24a6
  • git-doc_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:f85f5438654a86e1bb4c3b5a96ad6f4a587cca3e
  • git-el_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:b2a0c144197ee58704739eb08841808a5b4ee783
  • git-email_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:b049de143936c14b5452dcb0fb0965cfc2b82505
  • git-gui_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:e7bf72b3f2a1cf52fb648dd73e5f87436cadeb4a
  • git-man_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:6f2b7bbeb4c798b1267d28c748ebf7a33f1cfa53
  • git-mediawiki_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:6048f9b98cec5e3d9fe97277cd36e149d81e539e
  • git-svn_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:6568ffbebd9ad975c742112b25cf84ed4ab4212e
  • gitk_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:3a88ec4853a10552f39336aa8031ecbdcdb36b3f
  • gitweb_2.17.1-1ubuntu0.18+tuxcare.els3_all.deb
    sha:fbf1bcd76cda002e433b9d181eede4bed713309c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.