Lucene search

UbuntuUSN-5871-2

HistoryMar 02, 2023 - 12:00 a.m.

Git regression

2023-03-0200:00:00

ubuntu.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

7 High

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

22.7%

JSON

Releases

Ubuntu 18.04 ESM

Packages

git - fast, scalable, distributed revision control system

Details

USN-5871-1 fixed vulnerabilities in Git. A backport fixing
part of the vulnerability in CVE-2023-22490 was required.
This update fix this for Ubuntu 18.04 LTS.

Original advisory details:

It was discovered that Git incorrectly handled certain repositories.
An attacker could use this issue to make Git uses its local
clone optimization even when using a non-local transport.
(CVE-2023-22490)

OSVersionArchitecturePackageVersionFilename
Ubuntu18.04noarchgit< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-all< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-cvs< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-daemon-run< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-daemon-sysvinit< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-dbgsym< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-doc< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-el< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-email< 1:2.17.1-1ubuntu0.17UNKNOWN
Ubuntu18.04noarchgit-gui< 1:2.17.1-1ubuntu0.17UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	18.04	noarch	git	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-all	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-cvs	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-daemon-run	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-daemon-sysvinit	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-dbgsym	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-doc	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-el	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-email	< 1:2.17.1-1ubuntu0.17	UNKNOWN
Ubuntu	18.04	noarch	git-gui	< 1:2.17.1-1ubuntu0.17	UNKNOWN