CLSA-2023-1681137249

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2023-1681137249

Upstream

CVE-2022-39253

Published

2023-04-10T15:10:14Z

Modified

2026-06-04T09:46:07.122558854Z

Summary

Fix CVE(s): CVE-2022-39253

Details

SECURITY UPDATE: When cloning a repository with --local, Git relies on either making a hardlink or copy to every file in the "objects" directory of the source repository. As a result, malformed repository containing symbolic links pointing at the sensitive information on the victim's machine could be copied
- debian/patches/CVE-2022-39253.patch: prevent copying symbolic links
- debian/patches/tests-for-CVE-2022-39253.patch: tests
- CVE-2022-39253

References

https://errata.cloudlinux.com/ubuntu16_04-els/CLSA-2023-1681137249

Affected packages

TuxCare:Ubuntu:16.04

git

Package

Name: git
Purl: pkg:deb/tuxcare/git?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-all

Package

Name: git-all
Purl: pkg:deb/tuxcare/git-all?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-arch

Package

Name: git-arch
Purl: pkg:deb/tuxcare/git-arch?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-core

Package

Name: git-core
Purl: pkg:deb/tuxcare/git-core?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-cvs

Package

Name: git-cvs
Purl: pkg:deb/tuxcare/git-cvs?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-daemon-run

Package

Name: git-daemon-run
Purl: pkg:deb/tuxcare/git-daemon-run?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-daemon-sysvinit

Package

Name: git-daemon-sysvinit
Purl: pkg:deb/tuxcare/git-daemon-sysvinit?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-doc

Package

Name: git-doc
Purl: pkg:deb/tuxcare/git-doc?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-el

Package

Name: git-el
Purl: pkg:deb/tuxcare/git-el?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-email

Package

Name: git-email
Purl: pkg:deb/tuxcare/git-email?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-gui

Package

Name: git-gui
Purl: pkg:deb/tuxcare/git-gui?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-man

Package

Name: git-man
Purl: pkg:deb/tuxcare/git-man?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-mediawiki

Package

Name: git-mediawiki
Purl: pkg:deb/tuxcare/git-mediawiki?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

git-svn

Package

Name: git-svn
Purl: pkg:deb/tuxcare/git-svn?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

gitk

Package

Name: gitk
Purl: pkg:deb/tuxcare/gitk?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"

gitweb

Package

Name: gitweb
Purl: pkg:deb/tuxcare/gitweb?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.7.4-0ubuntu1.10+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681137249.json"