-------------------------------------------------------------------------
Debian LTS Advisory DLA-3939-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                       Daniel Leidert
October 29, 2024                              https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : python-git
Version        : 3.1.14-1+deb11u1
CVE ID         : CVE-2022-24439 CVE-2023-40267 CVE-2023-41040
Debian Bug     : 1027163 1043503

GitPython provides object model access to a Git repository.

CVE-2022-24439, CVE-2023-40267 (follow-up)

    Remote Code Execution (RCE) is possible due to improper user input
    validation, which makes it possible to inject a maliciously crafted
    remote URL into the clone command. Exploiting this vulnerability is
    possible because the library makes external calls to git without
    sufficient sanitization of input arguments.

CVE-2023-41040

    GitPython reads files from the `.git` directory, in some places the
    name of the file being read is provided by the user, GitPython
    doesn't check if this file is located outside the `.git` directory.
    This allows an attacker to make GitPython read any file from the
    system.

For Debian 11 bullseye, these problems have been fixed in version
3.1.14-1+deb11u1.

We recommend that you upgrade your python-git packages.

For the detailed security status of python-git please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-git

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-3939-1: python-git Security Advisory Updates

October 29, 2024
GitPython provides object model access to a Git repository

Summary

CVE-2022-24439, CVE-2023-40267 (follow-up)

Remote Code Execution (RCE) is possible due to improper user input
validation, which makes it possible to inject a maliciously crafted
remote URL into the clone command. Exploiting this vulnerability is
possible because the library makes external calls to git without
sufficient sanitization of input arguments.

CVE-2023-41040

GitPython reads files from the `.git` directory, in some places the
name of the file being read is provided by the user, GitPython
doesn't check if this file is located outside the `.git` directory.
This allows an attacker to make GitPython read any file from the
system.

For Debian 11 bullseye, these problems have been fixed in version
3.1.14-1+deb11u1.

We recommend that you upgrade your python-git packages.

For the detailed security status of python-git please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-git

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS





Severity
Package : python-git
Version : 3.1.14-1+deb11u1
CVE ID : CVE-2022-24439 CVE-2023-40267 CVE-2023-41040
Debian Bug : 1027163 1043503

Related News

Google Releases Chrome 130 with Critical Security Fixes for 17 Flaws
3 - 5 min read
Google recently unveiled Chrome 130 , an update that addresses several security vulnerabilities to ensure the web browser's safety and reliability.
U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors
3 - 5 min read
U.S. authorities are on high alert as they investigate an alleged Chinese state-sponsored hack targeting major U.S. telecommunications companies.
FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems
3 - 5 min read
As malware threats evolve to increasingly target Linux systems, admins and organizations must stay up-to-date on the latest Linux malware variants
Optimizing CWPP on Linux Servers: Best Practices and Configurations
3 - 6 min read
Cloud Workload Protection Platforms are now essential for securing virtual environments. These provide a robust security layer vital for addressing
The Infiltration of Supply Chain Attacks in Open-Source Software Management
3 - 6 min read
Open-source projects are renowned for their collaborative nature and widespread adoption, yet more sophisticated supply chain attacks target them
Strengthen Your Linux Software Development Pipeline with Code Security Scanners
3 - 6 min read
Developers recognize the critical nature of protecting software systems as cyberattacks grow more sophisticated, thus necessitating robust security
Everything You Need to Know About Cloud Security Posture Management
3 - 5 min read
Many companies are transitioning from physical servers to cloud operations, but this transformation brings new challenges. Cloud Security Posture
Understanding the Critical Oath-Toolkit Vulnerability and Its Implications for Admins
3 - 5 min read
As Linux security threats advance and evolve, vulnerabilities often surface unexpectedly, exposing systems to potential exploitation. SUSE

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved