UbuntuUpdates.org

Package "git"

Name: git

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • fast, scalable, distributed revision control system (all subpackages)
  • fast, scalable, distributed revision control system (cvs interoperability)
  • fast, scalable, distributed revision control system (git-daemon service)
  • fast, scalable, distributed revision control system (git-daemon service)
Latest version: 1:2.34.1-1ubuntu1.10
Release: jammy (22.04)
Level: updates
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "git" in Jammy

Repository Area Version
base main 1:2.34.1-1ubuntu1
base universe 1:2.34.1-1ubuntu1
security universe 1:2.34.1-1ubuntu1.9
security main 1:2.34.1-1ubuntu1.9
updates main 1:2.34.1-1ubuntu1.10

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:2.34.1-1ubuntu1.4 2022-07-13 21:07:42 UTC

  git (1:2.34.1-1ubuntu1.4) jammy-security; urgency=medium

  * SECURITY UPDATE: Potential arbitrary code execution
    - debian/patches/CVE-2022-29187-1.patch: adds test to
      regression git needs safe.directory when using sudo in
      t/t0034-root-safe-directory.sh.
    - debian/patches/CVE-2022-29187-2.patch: avoid failing dir ownership
      checks if running privileged in git-compat-util.h,
      t/t0034-root-safe-directory.sh.
    - debian/patches/CVE-2022-29187-3.patch: add negative tests
      and allow git init to mostly work under sudo in
      t/lib-sudo.sh b/t/lib-sudo.sh.
    - debian/patches/CVE-2022-29187-4.patch: allow root
      to access both SUDO_UID and root owned in git-compat-util.h,
      t/t0034-root-safe-directory.sh.
    - debian/patches/CVE-2022-29187-5.patch: add tests for safe.directory
      in t/t0033-safe-directory.sh, setup.c.
    - debian/patches/CVE-2022-29187-6.patch: tighten ownership checks
      post CVE-2022-24765 in setup.c.
    - CVE-2022-29187

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Jul 2022 10:11:29 -0300
Source diff to previous version
CVE-2022-29187 Git is a distributed revision control system. Git prior to versions 2. ...
CVE-2022-24765 Git for Windows is a fork of Git containing Windows-specific patches. ...

Version: 1:2.34.1-1ubuntu1.2 2022-04-26 16:06:31 UTC

  git (1:2.34.1-1ubuntu1.2) jammy; urgency=medium

  * SECURITY REGRESSION: Previous update was incomplete causing regressions
    and not correctly fixing the issue.
    - debian/patches/CVE-2022-24765-5.patch: fix safe.directory
      key not being checked in setup.c.
    - debian/patches/CVE-2022-24765-6.patch:
      opt-out of check with safe.directory=* in setup.c. (LP: #1970260)

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 25 Apr 2022 20:14:03 -0300
Source diff to previous version
CVE-2022-24765 Git for Windows is a fork of Git containing Windows-specific patches. ...

Version: 1:2.34.1-1ubuntu1.1 2022-04-25 17:06:18 UTC

  git (1:2.34.1-1ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Run commands in diff users
    - debian/patches/CVE-2022-24765-*.patch: fix GIT_CEILING_DIRECTORIES; add
      an owner check for the top-level-directory; add a function to
      determine whether a path is owned by the current user in patch.c,
      t/t0060-path-utils.sh, setup.c, compat/mingw.c, compat/mingw.h,
      git-compat-util.h.
    - CVE-2022-24765

 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 08 Apr 2022 08:43:25 -0300
CVE-2022-24765 Git for Windows is a fork of Git containing Windows-specific patches. ...


About   -   Send Feedback to @ubuntu_updates