Univention Bugzilla – Bug 50624
git: Multiple issues (4.3)
Last modified: 2019-12-11 17:06:32 CET
New Debian git 1:2.11.0-3+deb9u5 fixes:

This update addresses the following issues:

* Arbitrary path overwriting via export-marks command option (CVE-2019-1348)
* recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ (CVE-2019-1349)
* Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams (CVE-2019-1352)
* NTFS protections inactive when running Git in the Windows Subsystem for Linux (CVE-2019-1353)
* remote code execution in recursive clones (CVE-2019-1387)
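The practical check after an errata like this is whether a host actually runs the fixed package. The script below is an added example, not code from this bug, from Univention or from Debian: it re-implements dpkg's version ordering (epoch, then upstream version, then Debian revision, with `~` sorting before everything and digit runs compared numerically) so the comparison works even on a machine without dpkg, and compares an installed version against the 1:2.11.0-3+deb9u5 named in the errata. `FIXED_VERSION` is the only value taken from the page; every other version string is constructed sample input.

```python
"""Decide whether an installed git package carries the fixes from this errata.

Added example (not Univention's or Debian's code). The comparison is a port of
dpkg's verrevcmp() so it matches `dpkg --compare-versions` without needing dpkg.
"""
import shutil
import subprocess
from typing import Optional, Tuple

# Fixed package version from the errata text above (the only page-derived value).
FIXED_VERSION = "1:2.11.0-3+deb9u5"


def _order(c: str) -> int:
    """dpkg's weight for one character of a non-digit run: '~' sorts before
    everything including end of string, letters before punctuation, and a
    digit or end of string counts as 0."""
    if c == "" or c.isdigit():
        return 0
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a: str, b: str) -> int:
    """Compare two version fragments as alternating non-digit and digit runs."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        # Non-digit run: compare character weights until both sides hit a digit or the end.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i] if i < len(a) else "")
            bc = _order(b[j] if j < len(b) else "")
            if ac != bc:
                return -1 if ac < bc else 1
            i += 1
            j += 1
        # Digit run: leading zeros are insignificant, then compare numerically.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and j < len(b) and a[i].isdigit() and b[j].isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        # The longer digit run is the larger number; otherwise the first differing digit decides.
        if i < len(a) and a[i].isdigit():
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return -1 if first_diff < 0 else 1
    return 0


def parse_version(version: str) -> Tuple[int, str, str]:
    """Split a Debian version into (epoch, upstream_version, debian_revision)."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    head, sep, tail = version.rpartition("-")
    if sep:
        return epoch, head, tail
    return epoch, tail, ""


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 like `dpkg --compare-versions`: epoch, then upstream, then revision."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _verrevcmp(ua, ub) or _verrevcmp(ra, rb)


def is_fixed(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed package is at or above the errata version.
    Note the epoch: a bare '2.11.0-3+deb9u5' (epoch 0) is NOT >= '1:2.11.0-3+deb9u5'."""
    return compare_versions(installed, fixed) >= 0


def installed_git_version() -> Optional[str]:
    """Ask dpkg for the installed git version; None when dpkg-query or the package is absent."""
    if shutil.which("dpkg-query") is None:
        return None
    proc = subprocess.run(["dpkg-query", "-W", "--showformat=${Version}", "git"],
                          capture_output=True, text=True)
    if proc.returncode != 0:
        return None
    return proc.stdout.strip() or None


if __name__ == "__main__":
    current = installed_git_version()
    if current is None:
        print("git package not found (or dpkg-query unavailable)")
    else:
        state = "fixed" if is_fixed(current) else "NOT fixed (needs >= %s)" % FIXED_VERSION
        print("git %s: %s" % (current, state))
```

Run it on a UCS 4.3 host to get a one-line verdict; the `is_fixed` function can also be fed version strings collected from an inventory. The epoch handling matters here: comparing only the part after the colon would wrongly accept a hypothetical epoch-less package as patched.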
--- mirror/ftp/4.3/unmaintained/4.3-3/source/git_2.11.0-3+deb9u4.dsc +++ apt/ucs_4.3-0-errata4.3-5/source/git_2.11.0-3+deb9u5.dsc @@ -1,3 +1,26 @@ +1:2.11.0-3+deb9u5 [Tue, 10 Dec 2019 08:14:58 +0000] Jonathan Nieder <jrnieder@gmail.com>: + + * Apply patches addressing the security issues CVE-2019-1348, + CVE-2019-1349, CVE-2019-1352, CVE-2019-1353, and CVE-2019-1387. + + Credit for finding these vulnerabilities goes to Microsoft + Security Response Center, in particular to Nicolas Joly. Fixes + were provided by Jeff King and Johannes Schindelin with help + from Garima Singh. + + * Reject setting "update = !command" in .gitmodules. This makes + the behavior better match Git 2.24.1 which made the same change + to address the arbitrary code execution issue CVE-2019-19604 + (which does not affect Git versions before 2.20.0). + + Also reject "update = !command" in fsck. This ensures that if + Git is run as a server with "transfer.fsckObjects" enabled, + it cannot be used to attack clients vulnerable to + CVE-2019-19604. + + Credit for finding this vulnerability goes to Joern + Schneeweisz from GitLab. + 1:2.11.0-3+deb9u4 [Thu, 27 Sep 2018 19:35:44 -0700] Jonathan Nieder <jrnieder@gmail.com>: * Fix CVE-2018-17456, arbitrary code execution via submodule URLs <http://10.200.17.11/4.3-5/#748036788752600083>
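Review bot: the second changelog bullet in this hunk (rejecting "update = !command" in .gitmodules and in fsck, mirroring the Git 2.24.1 change for CVE-2019-19604) is a user-visible behaviour change that the errata description above does not mention; it lists only the five CVE-2019-13xx issues. Add a line to the errata text along the lines of `* Reject "update = !command" in .gitmodules and fsck (hardening against CVE-2019-19604; Git 2.11.0 itself is not affected)` so administrators running Git as a server with transfer.fsckObjects enabled understand why previously accepted submodule configurations are now refused.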
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.3-5] e75b9625a6 Bug #50624: git 1:2.11.0-3+deb9u5
 doc/errata/staging/git.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

[4.3-5] dfb6826dbf Bug #50624: git 1:2.11.0-3+deb9u5
 doc/errata/staging/git.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
<http://errata.software-univention.de/ucs/4.3/621.html>