git security update

🗓️ 06 Feb 2023 19:25:41Reported by Rockylinux Product ErrataType

rocky

rocky🔗 errata.rockylinux.org👁 46 Views

Git security update affects Rocky Linux 8 with two critical vulnerabilities

Reporter	Title	Published	Views	Family All 256
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	30 Mar 202315:19	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	6 Jul 202318:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	7 Jun 202316:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Git [CVE-2022-41903]	6 Apr 202319:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Git [CVE-2022-23521]	6 Apr 202319:24	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Network Automation 2.4.5 addresses multiple security vulnerabilities	17 Apr 202313:48	–	ibm
FreeBSD	git -- Heap overflow in `git archive`, `git log --format` leading to RCE	17 Jan 202300:00	–	freebsd
FreeBSD	git -- gitattributes parsing integer overflow	17 Jan 202300:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : git, git-all, git-core (ALAS2023-2023-065)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : git, git-all, git-core (ALAS-2023-1923)	6 Feb 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	8	aarch64	git	0:2.31.1-3.el8_7	git-0:2.31.1-3.el8_7.aarch64.rpm
Rocky Linux	8	x86_64	git	0:2.31.1-3.el8_7	git-0:2.31.1-3.el8_7.x86_64.rpm
Rocky Linux	8	any	git-all	0:2.31.1-3.el8_7	git-all-0:2.31.1-3.el8_7.noarch.rpm
Rocky Linux	8	aarch64	git-core	0:2.31.1-3.el8_7	git-core-0:2.31.1-3.el8_7.aarch64.rpm
Rocky Linux	8	x86_64	git-core	0:2.31.1-3.el8_7	git-core-0:2.31.1-3.el8_7.x86_64.rpm
Rocky Linux	8	aarch64	git-core-debuginfo	0:2.31.1-3.el8_7	git-core-debuginfo-0:2.31.1-3.el8_7.aarch64.rpm
Rocky Linux	8	x86_64	git-core-debuginfo	0:2.31.1-3.el8_7	git-core-debuginfo-0:2.31.1-3.el8_7.x86_64.rpm
Rocky Linux	8	any	git-core-doc	0:2.31.1-3.el8_7	git-core-doc-0:2.31.1-3.el8_7.noarch.rpm
Rocky Linux	8	aarch64	git-credential-libsecret	0:2.31.1-3.el8_7	git-credential-libsecret-0:2.31.1-3.el8_7.aarch64.rpm
Rocky Linux	8	x86_64	git-credential-libsecret	0:2.31.1-3.el8_7	git-credential-libsecret-0:2.31.1-3.el8_7.x86_64.rpm

06 Feb 2023 19:25Current

9.4High risk

Vulners AI Score9.4

CVSS 3.19.8

EPSS0.56334

SSVC

git security update rocky linux 8 vulnerability cvss integer overflow heap overflow rce cve unix