I-Git 2.30.2, 2.17.6, 2.18.5, 2.19.6, 2.20.5, 2.21.4, 2.22.5, 2.23.4, 2.24.4, 2.25.5, 2.26.3, 2.2, 2.2, 2.2, 2.2. isiqeshana sokuba sengozini (CVE-2021-21300) esingavumela ukwenziwa kwekhodi okukude lapho kuhlanganisa indawo yokugcina enonya kusetshenziswa umyalo we-"git clone", kukhululiwe. Konke ukukhishwa kwe-Git kusukela kunguqulo 2.15 kusengozini yalobu bungozi.
Inkinga iyabonakala uma kusetshenziswa imisebenzi yokukhokha ebambezelekile, esetshenziswa kwezinye izihlungi zokuhlanza, njengalezo ezilungiselelwe ku-Git LFS. Ukusetshenziswa kobuthakathaka kungenzeka kuphela ezinhlelweni zamafayela ezingazweli kakhulu ezisekela izixhumanisi ezingokomfanekiso, njenge-NTFS, HFS+, kanye ne-APFS (okungukuthi, kumapulatifomu Windows и macOS).
Njengendlela yokusebenza, ungakhubaza ukuphatha kwe-git kwezixhumanisi ezingokomfanekiso ngokusebenzisa okuthi "git config --global core.symlinks false" noma ukhubaze usekelo lwezinqubo zokuhlunga ngokusebenzisa okuthi "git config --show-scope --get-regexp 'filter\..*\.process'". Kubuye kunconywe ukugwema ukuhlanganisa izinqolobane ezingathembekile.
Source: opennet.ru
