QID 241554
Date Published: 2023-05-25
QID 241554: Red Hat Update for git (RHSA-2023:3263)
Git is a distributed revision control system with a decentralized architecture.
As opposed to centralized version control systems with a client-server model, git ensures that each working copy of a git repository is an exact copy with complete revision history.
This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection...Security Fix(es):
- git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (cve-2023-25652).
Git: arbitrary configuration injection when renaming or deleting a section from a configuration file (cve-2023-29007).
- Red Hat enterprise linux server 7 x86_64.
Red hat enterprise linux workstation 7 x86_64.
Red hat enterprise linux desktop 7 x86_64.
Red hat enterprise linux for ibm z systems 7 s390x.
Red hat enterprise linux for power, big endian 7 ppc64.
Red hat enterprise linux for scientific computing 7 x86_64.
Red hat enterprise linux for power, little endian 7 ppc64le.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Red Hat security advisory RHSA-2023:3263 for updates and patch information.
Vendor References
- RHSA-2023:3263 -
access.redhat.com/errata/RHSA-2023:3263
CVEs related to QID 241554
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| RHSA-2023:3263 | Red Hat Enterprise Linux |
access.redhat.com/errata/RHSA-2023:3263 |