[Apollo] Advisories Statistics light light Login

RLSA-2024:4083

Security Mirrored from RHSA-2024:4083
Issued at: 2024-07-02
Updated at: 2024-07-02

Synopsis

Important: git security update



Description

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

Security Fix(es):

* git: Recursive clones RCE (CVE-2024-32002)

* git: RCE while cloning local repos (CVE-2024-32004)

* git: additional local RCE (CVE-2024-32465)

* git: insecure hardlinks (CVE-2024-32020)

* git: symlink bypass (CVE-2024-32021)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2280421 2280428 2280446 2280466 2280484

CVEs

CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465

Affected packages

Rocky Linux 9 aarch64 - AppStream

git-0:2.43.5-1.el9_4.aarch64.rpm git-0:2.43.5-1.el9_4.src.rpm git-all-0:2.43.5-1.el9_4.noarch.rpm git-core-0:2.43.5-1.el9_4.aarch64.rpm git-core-debuginfo-0:2.43.5-1.el9_4.aarch64.rpm git-core-doc-0:2.43.5-1.el9_4.noarch.rpm git-credential-libsecret-0:2.43.5-1.el9_4.aarch64.rpm git-credential-libsecret-debuginfo-0:2.43.5-1.el9_4.aarch64.rpm git-daemon-0:2.43.5-1.el9_4.aarch64.rpm git-daemon-debuginfo-0:2.43.5-1.el9_4.aarch64.rpm git-debuginfo-0:2.43.5-1.el9_4.aarch64.rpm git-debugsource-0:2.43.5-1.el9_4.aarch64.rpm git-email-0:2.43.5-1.el9_4.noarch.rpm git-gui-0:2.43.5-1.el9_4.noarch.rpm git-instaweb-0:2.43.5-1.el9_4.noarch.rpm gitk-0:2.43.5-1.el9_4.noarch.rpm git-subtree-0:2.43.5-1.el9_4.aarch64.rpm git-svn-0:2.43.5-1.el9_4.noarch.rpm gitweb-0:2.43.5-1.el9_4.noarch.rpm perl-Git-0:2.43.5-1.el9_4.noarch.rpm perl-Git-SVN-0:2.43.5-1.el9_4.noarch.rpm

Rocky Linux 9 ppc64le - AppStream

git-0:2.43.5-1.el9_4.ppc64le.rpm git-0:2.43.5-1.el9_4.src.rpm git-all-0:2.43.5-1.el9_4.noarch.rpm git-core-0:2.43.5-1.el9_4.ppc64le.rpm git-core-debuginfo-0:2.43.5-1.el9_4.ppc64le.rpm git-core-doc-0:2.43.5-1.el9_4.noarch.rpm git-credential-libsecret-0:2.43.5-1.el9_4.ppc64le.rpm git-credential-libsecret-debuginfo-0:2.43.5-1.el9_4.ppc64le.rpm git-daemon-0:2.43.5-1.el9_4.ppc64le.rpm git-daemon-debuginfo-0:2.43.5-1.el9_4.ppc64le.rpm git-debuginfo-0:2.43.5-1.el9_4.ppc64le.rpm git-debugsource-0:2.43.5-1.el9_4.ppc64le.rpm git-email-0:2.43.5-1.el9_4.noarch.rpm git-gui-0:2.43.5-1.el9_4.noarch.rpm git-instaweb-0:2.43.5-1.el9_4.noarch.rpm gitk-0:2.43.5-1.el9_4.noarch.rpm git-subtree-0:2.43.5-1.el9_4.ppc64le.rpm git-svn-0:2.43.5-1.el9_4.noarch.rpm gitweb-0:2.43.5-1.el9_4.noarch.rpm perl-Git-0:2.43.5-1.el9_4.noarch.rpm perl-Git-SVN-0:2.43.5-1.el9_4.noarch.rpm

Rocky Linux 9 s390x - AppStream

git-0:2.43.5-1.el9_4.s390x.rpm git-0:2.43.5-1.el9_4.src.rpm git-all-0:2.43.5-1.el9_4.noarch.rpm git-core-0:2.43.5-1.el9_4.s390x.rpm git-core-debuginfo-0:2.43.5-1.el9_4.s390x.rpm git-core-doc-0:2.43.5-1.el9_4.noarch.rpm git-credential-libsecret-0:2.43.5-1.el9_4.s390x.rpm git-credential-libsecret-debuginfo-0:2.43.5-1.el9_4.s390x.rpm git-daemon-0:2.43.5-1.el9_4.s390x.rpm git-daemon-debuginfo-0:2.43.5-1.el9_4.s390x.rpm git-debuginfo-0:2.43.5-1.el9_4.s390x.rpm git-debugsource-0:2.43.5-1.el9_4.s390x.rpm git-email-0:2.43.5-1.el9_4.noarch.rpm git-gui-0:2.43.5-1.el9_4.noarch.rpm git-instaweb-0:2.43.5-1.el9_4.noarch.rpm gitk-0:2.43.5-1.el9_4.noarch.rpm git-subtree-0:2.43.5-1.el9_4.s390x.rpm git-svn-0:2.43.5-1.el9_4.noarch.rpm gitweb-0:2.43.5-1.el9_4.noarch.rpm perl-Git-0:2.43.5-1.el9_4.noarch.rpm perl-Git-SVN-0:2.43.5-1.el9_4.noarch.rpm

Rocky Linux 9 x86_64 - AppStream

git-0:2.43.5-1.el9_4.src.rpm git-0:2.43.5-1.el9_4.x86_64.rpm git-all-0:2.43.5-1.el9_4.noarch.rpm git-core-0:2.43.5-1.el9_4.x86_64.rpm git-core-debuginfo-0:2.43.5-1.el9_4.x86_64.rpm git-core-doc-0:2.43.5-1.el9_4.noarch.rpm git-credential-libsecret-0:2.43.5-1.el9_4.x86_64.rpm git-credential-libsecret-debuginfo-0:2.43.5-1.el9_4.x86_64.rpm git-daemon-0:2.43.5-1.el9_4.x86_64.rpm git-daemon-debuginfo-0:2.43.5-1.el9_4.x86_64.rpm git-debuginfo-0:2.43.5-1.el9_4.x86_64.rpm git-debugsource-0:2.43.5-1.el9_4.x86_64.rpm git-email-0:2.43.5-1.el9_4.noarch.rpm git-gui-0:2.43.5-1.el9_4.noarch.rpm git-instaweb-0:2.43.5-1.el9_4.noarch.rpm gitk-0:2.43.5-1.el9_4.noarch.rpm git-subtree-0:2.43.5-1.el9_4.x86_64.rpm git-svn-0:2.43.5-1.el9_4.noarch.rpm gitweb-0:2.43.5-1.el9_4.noarch.rpm perl-Git-0:2.43.5-1.el9_4.noarch.rpm perl-Git-SVN-0:2.43.5-1.el9_4.noarch.rpm