Corrective releases of the distributed version control system Git 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7 and 2.30.8 have been published, fixing two vulnerabilities that affect the local cloning optimization and the "git apply" command. You can track the release of package updates in distributions on the pages of Debian, Ubuntu, RHEL, SUSE/openSUSE, Fedora, Arch, FreeBSD. If installing the update is not possible, the recommended workaround is to avoid running "git clone" with the "--recurse-submodules" option on untrusted repositories, and to avoid using the "git apply" and "git am" commands with untrusted code.
- Vulnerability CVE-2023-22490 allows an attacker who controls the contents of a cloned repository to gain access to sensitive data on the user's system. Two flaws contribute to the vulnerability:
  - The first flaw allows, when working with a specially crafted repository, the local cloning optimization to be used even with a transport that interacts with external systems.
  - The second flaw allows a symbolic link to be placed where the $GIT_DIR/objects directory should be, similar to vulnerability CVE-2022-39253. The fix for that vulnerability blocked the placement of symbolic links inside the $GIT_DIR/objects directory, but did not check that the $GIT_DIR/objects directory itself could be a symbolic link.

  In local cloning mode, git transfers $GIT_DIR/objects to the target directory by dereferencing symlinks, which causes the directly referenced files to be copied into the target directory. Switching to the local cloning optimization for a non-local transport allows the vulnerability to be exploited when working with external repositories (for example, recursive inclusion of submodules with the command "git clone --recurse-submodules" can lead to cloning a malicious repository packaged as a submodule in another repository).
- Vulnerability CVE-2023-23946 allows the contents of files outside the working directory to be overwritten by passing specially crafted input to the "git apply" command. For example, an attack can be carried out while patches prepared by an attacker are processed with "git apply". To prevent patches from creating files outside the working copy, "git apply" blocks the processing of patches that attempt to write a file through symlinks. But it turned out that this protection can be bypassed by creating the symbolic link in the first place.
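For CVE-2023-22490, the condition described above ($GIT_DIR/objects being a symbolic link, or containing one) can be checked on a repository already on disk before it is used as a clone source. The following is an added example, not code from Git or from the original article; the function names `find_git_dir`, `audit_objects` and `demo` are hypothetical, and the repositories it inspects are constructed in a temporary directory.

```python
import os
import tempfile

def find_git_dir(repo):
    """Return the $GIT_DIR for a working tree or a bare repository."""
    dot_git = os.path.join(repo, ".git")
    if os.path.isfile(dot_git):  # "gitdir: <path>" pointer (submodule/worktree)
        with open(dot_git, encoding="utf-8") as fh:
            line = fh.readline().strip()
        if line.startswith("gitdir:"):
            target = line[len("gitdir:"):].strip()
            return os.path.normpath(os.path.join(repo, target))
    return dot_git if os.path.isdir(dot_git) else repo

def audit_objects(repo):
    """List symlinks at or below $GIT_DIR/objects, never following them."""
    objects = os.path.join(find_git_dir(repo), "objects")
    findings = []
    if os.path.islink(objects):
        # The case the CVE-2022-39253 fix did not check.
        findings.append(("objects-dir-is-symlink", objects, os.readlink(objects)))
        return findings  # do not descend into the link target
    for root, dirs, files in os.walk(objects, followlinks=False):
        for name in dirs + files:
            path = os.path.join(root, name)
            if os.path.islink(path):
                findings.append(("symlink-inside-objects", path, os.readlink(path)))
    return findings

def demo():
    """Build two constructed repositories in a temp dir and audit both."""
    with tempfile.TemporaryDirectory() as tmp:
        clean = os.path.join(tmp, "clean")
        os.makedirs(os.path.join(clean, ".git", "objects", "ab"))
        open(os.path.join(clean, ".git", "objects", "ab", "cdef"), "w").close()

        odd = os.path.join(tmp, "odd")
        os.makedirs(os.path.join(odd, ".git"))
        os.makedirs(os.path.join(tmp, "elsewhere"))
        os.symlink(os.path.join(tmp, "elsewhere"),
                   os.path.join(odd, ".git", "objects"))
        return audit_objects(clean), [f[0] for f in audit_objects(odd)]

if __name__ == "__main__":
    print(demo())
```

Some legitimate setups share object storage through a symlinked objects directory, so a finding marks a repository to review before cloning from it, and the check does not replace installing one of the fixed releases.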
Source: opennet.ru