7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
15.7%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.856146");
script_version("2024-06-07T15:38:39+0000");
script_cve_id("CVE-2024-32650");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"last_modification", value:"2024-06-07 15:38:39 +0000 (Fri, 07 Jun 2024)");
script_tag(name:"creation_date", value:"2024-05-19 01:00:30 +0000 (Sun, 19 May 2024)");
script_name("openSUSE: Security Advisory for git (openSUSE-SU-2024:0130-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=openSUSEBackportsSLE-15-SP5");
script_xref(name:"Advisory-ID", value:"openSUSE-SU-2024:0130-1");
script_xref(name:"URL", value:"https://lists.opensuse.org/archives/list/[email protected]/thread/RLZMKRAPDN7C43S56JAGULAWF4RXGB2S");
script_tag(name:"summary", value:"The remote host is missing an update for the 'git'
package(s) announced via the openSUSE-SU-2024:0130-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for git-cliff fixes the following issues:
- update to 2.2.2:
* (changelog) Allow adding custom context
* (changelog) Ignore empty lines when using split_commits
* (parser) Allow matching empty commit body
* Documentation updates
- update to 2.2.1:
* Make rendering errors more verbose
* Support detecting config from project manifest
* Make the bump version rules configurable
* bug fixes and documentation updates
- CVE-2024-32650: rust-rustls: Infinite loop with proper client input
fixes (boo#1223218)
- Update to version 2.1.2:
* feat(npm): add programmatic API for TypeScript
* chore(fixtures): enable verbose logging for output
* refactor(clippy): apply clippy suggestions
* refactor(changelog): do not output to stdout when prepend is used
* feat(args): add `--tag-pattern` argument
* fix(config): fix commit parser regex in the default config
* fix(github): sanitize the GitHub token in debug logs
* chore(config): add animation to the header of the changelog
* refactor(clippy): apply clippy suggestions
* docs(security): update security policy
* chore(project): add readme to core package
* chore(embed): do not allow missing docs
* chore(config): skip dependabot commits for dev updates
* docs(readme): mention RustLab 2023 talk
* chore(config): revamp the configuration files
* chore(docker): update versions in Dockerfile
* chore(example): use full links in GitHub templates
* chore(project): bump MSRV to 1.74.1
* revert(config): use postprocessors for checking the typos
* feat(template): support using PR labels in the GitHub template
* docs(configuration): fix typo
* feat(args): add `--no-exec` flag for skipping command execution
* chore(command): explicitly set the directory of command to current dir
* refactor(ci): use hardcoded workspace members for cargo-msrv command
* refactor(ci): simplify cargo-msrv installation
* refactor(clippy): apply clippy suggestions
* refactor(config): use postprocessors for checking the typos
* chore(project): update copyright years
* chore(github): update templates about GitHub integration
* feat(changelog): set the timestamp of the previous release
* feat(template): support using PR title in the GitHub template
* feat(changelog): improve skipping via `.cliffignore` and
`--skip-commit`
* chore(changelog): disable the defa ...
Description truncated. Please see the references for more information.");
script_tag(name:"affected", value:"'git' package(s) on openSUSE Backports SLE-15-SP5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "openSUSEBackportsSLE-15-SP5") {
if(!isnull(res = isrpmvuln(pkg:"git-cliff", rpm:"git-cliff~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"git-cliff-bash-completion", rpm:"git-cliff-bash-completion~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"git-cliff-fish-completion", rpm:"git-cliff-fish-completion~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"git-cliff-zsh-completion", rpm:"git-cliff-zsh-completion~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"git-cliff", rpm:"git-cliff~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"git-cliff-bash-completion", rpm:"git-cliff-bash-completion~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"git-cliff-fish-completion", rpm:"git-cliff-fish-completion~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"git-cliff-zsh-completion", rpm:"git-cliff-zsh-completion~2.2.2~bp155.2.3.1", rls:"openSUSEBackportsSLE-15-SP5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);