-------------------------------------------------------------------------
Debian LTS Advisory DLA-3939-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                       Daniel Leidert
October 29, 2024                              https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : python-git
Version        : 3.1.14-1+deb11u1
CVE ID         : CVE-2022-24439 CVE-2023-40267 CVE-2023-41040
Debian Bug     : 1027163 1043503

GitPython provides object model access to a Git repository.

CVE-2022-24439, CVE-2023-40267 (follow-up)

    Remote Code Execution (RCE) is possible due to improper user input
    validation, which makes it possible to inject a maliciously crafted
    remote URL into the clone command. Exploiting this vulnerability is
    possible because the library makes external calls to git without
    sufficient sanitization of input arguments. CVE-2023-40267 is a
    follow-up for an incomplete fix of the same issue: clone options
    passed through the library could still be used to re-enable the
    unsafe behaviour.

CVE-2023-41040

    GitPython reads files from the `.git` directory. In some places the
    name of the file being read is provided by the user, and GitPython
    did not check whether that file is located outside the `.git`
    directory. This allows an attacker to make GitPython read any file
    on the system.

For Debian 11 bullseye, these problems have been fixed in version
3.1.14-1+deb11u1.

We recommend that you upgrade your python-git packages.

For the detailed security status of python-git please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-git

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
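The two bug classes above are both missing input checks in front of a git call. The following is an added example written for this page, not code from GitPython or from the Debian patch: it shows the checks an application that still feeds user-controlled URLs, clone options or `.git` file names into GitPython should apply itself before calling the library. The function names (`check_clone_url`, `check_clone_options`, `resolve_in_git_dir`) and the lists of rejected transports and options are the editor's choice and are not an API of the library; they deliberately do not depend on GitPython so the block runs offline.

```python
"""Pre-checks for user-controlled input that reaches git (added example,
not GitPython's own code). Covers the URL/option injection class of
CVE-2022-24439 / CVE-2023-40267 and the .git path traversal class of
CVE-2023-41040."""
import os
from typing import Iterable, List

# Transports whose URL carries a program to run; "ext::sh -c ..." is the
# textbook payload for the clone-URL injection. List chosen by the editor.
UNSAFE_PROTOCOLS = ("ext::", "fd::")

# clone options that can change git's protocol policy (--config / -c,
# e.g. protocol.ext.allow=always) or name a program git will execute
# (--upload-pack / -u). List chosen by the editor, not exhaustive.
UNSAFE_OPTIONS = ("--config", "-c", "--upload-pack", "-u")


def check_clone_url(url: str) -> str:
    """Return url unchanged if it is neither an option nor an unsafe transport."""
    if url.startswith("-"):
        # A URL beginning with '-' is parsed by git as an option, not a URL.
        raise ValueError(f"URL looks like a command-line option: {url!r}")
    lowered = url.lower()
    for proto in UNSAFE_PROTOCOLS:
        if lowered.startswith(proto):
            raise ValueError(f"unsafe transport in URL: {url!r}")
    return url


def check_clone_options(options: Iterable[str]) -> List[str]:
    """Return the options as a list, rejecting any that can re-enable unsafe
    transports or point git at an arbitrary program."""
    safe: List[str] = []
    for opt in options:
        name = opt.split("=", 1)[0].strip()
        # Catch both "--config=x", "--config x" style tokens and the joined
        # short forms "-cx" / "-ux".
        if name in UNSAFE_OPTIONS or name.startswith(("-c", "-u")):
            raise ValueError(f"unsafe clone option: {opt!r}")
        safe.append(opt)
    return safe


def resolve_in_git_dir(git_dir: str, name: str) -> str:
    """Resolve a user-supplied file name under git_dir and refuse any result
    that lands outside it (symlinks included, since realpath follows them)."""
    base = os.path.realpath(git_dir)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"path escapes {base}: {name!r}")
    return target


if __name__ == "__main__":
    # Constructed inputs, not taken from a real incident.
    print(check_clone_url("https://example.org/repo.git"))
    print(check_clone_options(["--depth=1", "--branch", "main"]))
    print(resolve_in_git_dir("/tmp/repo/.git", "refs/heads/main"))
    for bad in ("ext::sh -c touch% /tmp/pwned", "--upload-pack=touch /tmp/x"):
        try:
            check_clone_url(bad)
        except ValueError as exc:
            print("rejected:", exc)
```

Apply `check_clone_url` and `check_clone_options` to the arguments before handing them to `Repo.clone_from`, and `resolve_in_git_dir` to any file name that ends up under the repository's `.git` directory. The checks are a guard for callers on older library versions; they do not replace upgrading to the fixed package, since the library's own internal call sites are what the advisory fixes.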