USN-5686-1 fixed several vulnerabilities in Git. This update provides the corresponding fix for CVE-2022-39260 on Ubuntu 16.04 ESM.
Original advisory details:
Kevin Backhouse discovered that Git incorrectly handled certain command strings. An attacker could possibly use this issue to cause a crash or arbitrary code execution.
{ "binaries": [ { "binary_name": "git", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-all", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-arch", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-core", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-cvs", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-daemon-run", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-doc", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-el", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-email", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-gui", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-man", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-mediawiki", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "git-svn", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "gitk", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" }, { "binary_name": "gitweb", "binary_version": "1:2.7.4-0ubuntu1.10+esm3" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }