安全公告详情

NS-SA-2025-0052

2025-03-07 15:38:31

简介

important: git security update

严重级别

important

主题

An update for git is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of important. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

git:


Security Fix(es):
git: A vulnerability was found in Git. This vulnerability allows the malicious manipulation of repositories containing submodules, exploiting a bug that enables the writing of files into the .git/ directory instead of the submodule's intended worktree. This manipulation facilitates the execution of arbitrary code during the cloning process, bypassing user inspection and control.(CVE-2024-32002)
git: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.01B6.

影响组件

  • git

影响产品

  • CGSL MAIN 7.02

更新包

{"fix":[{"product":"CGSL MAIN 7.02","pkgs":[{"binary":["git-2.41.0-1.zncgsl7.2.x86_64","git-core-2.41.0-1.zncgsl7.2.x86_64","git-core-doc-2.41.0-1.zncgsl7.2.noarch","perl-Git-2.41.0-1.zncgsl7.2.noarch"],"source":"git-2.41.0-1.zncgsl7.2.src.rpm"}]}]}
CGSL MAIN 7.02
  • git-2.41.0-1.zncgsl7.2.src.rpm
    • git-2.41.0-1.zncgsl7.2.x86_64
    • git-core-2.41.0-1.zncgsl7.2.x86_64
    • git-core-doc-2.41.0-1.zncgsl7.2.noarch
    • perl-Git-2.41.0-1.zncgsl7.2.noarch

CVE

参考

© 2004-2023 广东中兴新支点技术有限公司 版权所有 (www.gd-linux.com) 粤ICP备15061780号-2

全国服务热线:400-033-0108