ALAS2023-2023-180


Amazon Linux 2023 Security Advisory: ALAS-2023-180
Advisory Release Date: 2023-05-11 17:49 Pacific
Advisory Updated Date: 2023-05-24 18:56 Pacific
Severity: Medium

Issue Overview:

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a conflict where a link corresponding to the `*.rej` file exists. (CVE-2023-25652)

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can be used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.), this can lead to remote code execution. A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`. (CVE-2023-29007)
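The two workarounds above can be turned into a pre-flight check run before `git apply --reject` or `git submodule deinit` on untrusted input. The following Python script is an added example, not code from the advisory or the Git project: it flags `.gitmodules` entries whose `url` exceeds 1024 characters (the CVE-2023-29007 trigger) and flags patch targets whose `<path>.rej` already exists as a symlink in the working tree (the condition the CVE-2023-25652 workaround warns about). The sample `.gitmodules`, sample patch and throwaway worktree are constructed for the demo.

```python
import os
import re
import tempfile

def long_submodule_urls(gitmodules_text, limit=1024):
    """Names of [submodule "..."] sections whose url exceeds `limit` chars."""
    flagged, section = [], None
    for raw in gitmodules_text.splitlines():
        line = raw.strip()
        m = re.match(r'\[submodule\s+"(.*)"\]', line)
        if m:
            section = m.group(1)
            continue
        if section is not None and "=" in line:
            key, _, value = line.partition("=")
            if key.strip().lower() == "url" and len(value.strip()) > limit:
                flagged.append(section)
    return flagged

def patch_target_paths(patch_text):
    """Paths a unified diff would write to, taken from its '+++ b/<path>' lines."""
    return [m.group(1) for m in re.finditer(r"^\+\+\+ b/(\S+)", patch_text, re.M)]

def rej_symlinks(patch_text, worktree):
    """Patch targets whose '<path>.rej' is already a symlink in `worktree`.
    A rejected hunk for such a target would be written through the link,
    so refuse to run `git apply --reject` when this list is non-empty."""
    return [p for p in patch_target_paths(patch_text)
            if os.path.islink(os.path.join(worktree, p + ".rej"))]

SAMPLE_GITMODULES = (  # constructed: one normal URL, one 1100+ character URL
    '[submodule "ok"]\n\tpath = ok\n\turl = https://example.com/ok.git\n'
    '[submodule "evil"]\n\tpath = evil\n\turl = https://example.com/' + "a" * 1100 + "\n"
)

SAMPLE_PATCH = (  # constructed: a patch touching two files
    "diff --git a/src/main.c b/src/main.c\n--- a/src/main.c\n+++ b/src/main.c\n"
    "@@ -1 +1 @@\n-old\n+new\n"
    "diff --git a/README b/README\n--- a/README\n+++ b/README\n"
    "@@ -1 +1 @@\n-old\n+new\n"
)

def demo():
    """Throwaway worktree where 'src/main.c.rej' is a dangling symlink; run both checks."""
    with tempfile.TemporaryDirectory() as wt:
        os.makedirs(os.path.join(wt, "src"))
        os.symlink("/tmp/elsewhere", os.path.join(wt, "src", "main.c.rej"))
        return long_submodule_urls(SAMPLE_GITMODULES), rej_symlinks(SAMPLE_PATCH, wt)

if __name__ == "__main__":
    print(demo())  # (['evil'], ['src/main.c'])
```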


Affected Packages:

git


Issue Correction:
Run `dnf update git --releasever 2023.0.20230517` to update your system.

New Packages:
aarch64:
    git-daemon-debuginfo-2.40.1-1.amzn2023.0.1.aarch64
    git-core-debuginfo-2.40.1-1.amzn2023.0.1.aarch64
    git-core-2.40.1-1.amzn2023.0.1.aarch64
    git-2.40.1-1.amzn2023.0.1.aarch64
    git-debuginfo-2.40.1-1.amzn2023.0.1.aarch64
    git-credential-libsecret-2.40.1-1.amzn2023.0.1.aarch64
    git-daemon-2.40.1-1.amzn2023.0.1.aarch64
    git-credential-libsecret-debuginfo-2.40.1-1.amzn2023.0.1.aarch64
    git-debugsource-2.40.1-1.amzn2023.0.1.aarch64

noarch:
    git-subtree-2.40.1-1.amzn2023.0.1.noarch
    gitk-2.40.1-1.amzn2023.0.1.noarch
    git-all-2.40.1-1.amzn2023.0.1.noarch
    git-cvs-2.40.1-1.amzn2023.0.1.noarch
    git-instaweb-2.40.1-1.amzn2023.0.1.noarch
    git-gui-2.40.1-1.amzn2023.0.1.noarch
    gitweb-2.40.1-1.amzn2023.0.1.noarch
    git-p4-2.40.1-1.amzn2023.0.1.noarch
    git-svn-2.40.1-1.amzn2023.0.1.noarch
    perl-Git-2.40.1-1.amzn2023.0.1.noarch
    perl-Git-SVN-2.40.1-1.amzn2023.0.1.noarch
    git-core-doc-2.40.1-1.amzn2023.0.1.noarch
    git-email-2.40.1-1.amzn2023.0.1.noarch

src:
    git-2.40.1-1.amzn2023.0.1.src

x86_64:
    git-core-debuginfo-2.40.1-1.amzn2023.0.1.x86_64
    git-daemon-2.40.1-1.amzn2023.0.1.x86_64
    git-debuginfo-2.40.1-1.amzn2023.0.1.x86_64
    git-credential-libsecret-debuginfo-2.40.1-1.amzn2023.0.1.x86_64
    git-core-2.40.1-1.amzn2023.0.1.x86_64
    git-daemon-debuginfo-2.40.1-1.amzn2023.0.1.x86_64
    git-credential-libsecret-2.40.1-1.amzn2023.0.1.x86_64
    git-2.40.1-1.amzn2023.0.1.x86_64
    git-debugsource-2.40.1-1.amzn2023.0.1.x86_64