Siidaynta saxda ah ee nidaamka xakamaynta isha qaybsan Git 2.30.2, 2.17.6, 2.18.5, 2.19.6, 2.20.5, 2.21.4, 2.22.5, 2.23.4, 2.24.4, 2.25.5, 2.26.3 ayaa la daabacay .2.27.1, 2.28.1, 2.29.3 iyo 2021, kuwaas oo go'aamiyay dayacanka (CVE-21300-2.15) kaas oo u oggolaanaya fulinta code fog marka la xirayo kaydka weerarka iyadoo la adeegsanayo amarka "git clone". Dhammaan sii deynta Git ilaa nooca XNUMX waa la saameeyay.
Dhibaatadu waxay dhacdaa marka la isticmaalayo hawlgallada hubinta ee dib loo dhigay, kuwaas oo loo isticmaalo qaar ka mid ah filtarrada nadiifinta, sida kuwa lagu habeeyey Git LFS. Nuglaanta waxa kaliya oo looga faa'iidaysan karaa nidaamyada faylalka aan dareenka lahayn ee taageera isku xidhka calaamada ah, sida NTFS, HFS+ iyo APFS (tusaale ahaan Windows iyo macOS aaladaha).
Ilaalinta amniga ahaan, waxaad baabi'in kartaa habaynta symlink gudaha git adiga oo ordaya βgit config βglobal core.symlinks falseβ, ama joojiso taageerada shaandhaynta nidaamka adoo isticmaalaya amarka βgit config βshow-scope βget-regexp 'filter\.. * \.process'". Waxa kale oo lagu talinayaa in laga fogaado xayndaabka kaydka aan la xaqiijin.
Source: opennet.ru