{"id":"CLSA-2023-1677231280","summary":"git: Fix of 4 CVEs","details":"- CVE-2022-41903: fix out-of-bounds write caused by integer overflow\n- CVE-2021-40330: forbid newlines in host and path\n- CVE-2022-39260: reject too long command line strings\n- CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links","modified":"2026-05-27T11:33:16.466062896Z","published":"2023-02-24T09:34:40Z","upstream":["CVE-2021-40330","CVE-2022-39260","CVE-2022-41903","CVE-2023-23946"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/els6/CLSA-2023-1677231280.html"}],"affected":[{"package":{"name":"emacs-git","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/emacs-git?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"emacs-git-el","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/emacs-git-el?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"git","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/git?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"git-all","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/git-all?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"git-cvs","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/git-cvs?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"git-daemon","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/git-daemon?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"git-email","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/git-email?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"git-gui","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/git-gui?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"git-svn","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/git-svn?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"gitk","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/gitk?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"gitweb","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/gitweb?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}},{"package":{"name":"perl-Git","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/perl-Git?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-10.el6_10.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2023-1677231280.json"}}],"schema_version":"1.7.5"}