{"id":"CLSA-2023-1677096181","summary":"git: Fix of 4 CVEs","details":"- CVE-2022-41903: fix out-of-bounds write caused by integer overflow\n- CVE-2021-40330: forbid newlines in host and path\n- CVE-2022-39260: reject too long command line strings\n- CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links","modified":"2026-05-27T11:35:35.933062340Z","published":"2023-02-22T20:03:01Z","upstream":["CVE-2021-40330","CVE-2022-39260","CVE-2022-41903","CVE-2023-23946"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/ol6/CLSA-2023-1677096181.html"}],"affected":[{"package":{"name":"emacs-git","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/emacs-git?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"emacs-git-el","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/emacs-git-el?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"git","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/git?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"git-all","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/git-all?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"git-cvs","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/git-cvs?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"git-daemon","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/git-daemon?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"git-email","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/git-email?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"git-gui","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/git-gui?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"git-svn","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/git-svn?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"gitk","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/gitk?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"gitweb","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/gitweb?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}},{"package":{"name":"perl-Git","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/perl-Git?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2023-1677096181.json"}}],"schema_version":"1.7.5"}