git-1.8.3.1-25.0.4.el7.AXS7
エラータID: AXSA:2025-10662:11
リリース日:
2025/07/31 Thursday - 18:11
題名:
git-1.8.3.1-25.0.4.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- git には、リモートの攻撃者により、任意のコードの実行を可能
とする脆弱性が存在します。(CVE-2025-48384)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-48384
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- git-1.8.3.1-25.0.4.el7.AXS7.x86_64.rpm
MD5: c1393b7ba297426f0310f0b209f1ccd3
SHA-256: 813d69b53cb5a128dc9df6ed3130e0dee2b70652e564cf41e74e4a239e899fb9
Size: 4.41 MB - perl-Git-1.8.3.1-25.0.4.el7.AXS7.noarch.rpm
MD5: c425f854cca9a3d7f6ae100e08f85080
SHA-256: 4c77b80c149989f0cd53116833249ae60bd085f3f0e3680662243f16930f7da2
Size: 55.96 kB
English