Git: Multiple vulnerabilities

Git: Multiple vulnerabilities Multiple vulnerabilities have been found in Git, the worst of which could result in the arbitrary execution of code. git 2020-03-15 2020-03-20 702296 local, remote 2.21.1 2.23.1-r1 2.24.1 2.24.1

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details.

An attacker could possibly overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.

There is no known workaround at this time.

All Git 2.21.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-vcs/git-2.21.1"

All Git 2.23.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-vcs/git-2.23.1-r1"

All Git 2.24.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-vcs/git-2.24.1"

CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-19604 whissi whissi