ALAS-2022-1623

A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This issue allows the owner of the repository to cause arbitrary commands to be executed by other users who access the repository. (CVE-2022-29187)

i686:
    git-instaweb-2.37.1-1.76.amzn1.i686
    git-svn-2.37.1-1.76.amzn1.i686
    git-subtree-2.37.1-1.76.amzn1.i686
    git-2.37.1-1.76.amzn1.i686
    git-core-2.37.1-1.76.amzn1.i686
    git-daemon-2.37.1-1.76.amzn1.i686
    git-debuginfo-2.37.1-1.76.amzn1.i686

noarch:
    git-hg-2.37.1-1.76.amzn1.noarch
    git-email-2.37.1-1.76.amzn1.noarch
    git-core-doc-2.37.1-1.76.amzn1.noarch
    perl-Git-SVN-2.37.1-1.76.amzn1.noarch
    git-all-2.37.1-1.76.amzn1.noarch
    git-bzr-2.37.1-1.76.amzn1.noarch
    perl-Git-2.37.1-1.76.amzn1.noarch
    git-cvs-2.37.1-1.76.amzn1.noarch
    emacs-git-2.37.1-1.76.amzn1.noarch
    gitweb-2.37.1-1.76.amzn1.noarch
    git-p4-2.37.1-1.76.amzn1.noarch
    emacs-git-el-2.37.1-1.76.amzn1.noarch

src:
    git-2.37.1-1.76.amzn1.src

x86_64:
    git-debuginfo-2.37.1-1.76.amzn1.x86_64
    git-2.37.1-1.76.amzn1.x86_64
    git-subtree-2.37.1-1.76.amzn1.x86_64
    git-core-2.37.1-1.76.amzn1.x86_64
    git-instaweb-2.37.1-1.76.amzn1.x86_64
    git-daemon-2.37.1-1.76.amzn1.x86_64
    git-svn-2.37.1-1.76.amzn1.x86_64