FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
9548d6ed-b1da-11ed-b0f4-002590f2a714git -- Local clone-based data exfiltration with non-local transports

git team reports:

Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links (c.f., CVE-2022-39253), the objects directory itself may still be a symbolic link.

These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.


Discovery 2023-02-14
Entry 2023-02-21
git
< 2.39.2

CVE-2023-22490
https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/#cve-2023-22490
2fcca7e4-b1d7-11ed-b0f4-002590f2a714git -- Heap overflow in `git archive`, `git log --format` leading to RCE

The git team reports:

git log has the ability to display commits using an arbitrary format with its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute.

When processing the padding operators (e.g., %<(, %<|(, %>(, %>>(, or %><( ), an integer overflow can occur in pretty.c::format_and_pad_commit() where a size_t is improperly stored as an int, and then added as an offset to a subsequent memcpy() call.

This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., git log --format=...). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive.

This integer overflow can result in arbitrary heap writes, which may result in remote code execution.


Discovery 2023-01-17
Entry 2023-02-21
git
< 2.39.1

CVE-2022-41903
https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/#cve-2022-41903
21f12de8-b1db-11ed-b0f4-002590f2a714git -- "git apply" overwriting paths outside the working tree

git team reports:

By feeding a crafted input to "git apply", a path outside the working tree can be overwritten as the user who is running "git apply".


Discovery 2023-02-14
Entry 2023-02-21
git
< 2.39.2

CVE-2023-23946
https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/#cve-2023-23946
d2c6173f-e43b-11ed-a1d7-002590f2a714git -- Multiple vulnerabilities

git developers reports:

This update includes 2 security fixes:

  • CVE-2023-25652: By feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch)
  • CVE-2023-29007: A specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug that can be used to inject arbitrary configuration into user's git config. This can result in arbitrary execution of code, by inserting values for core.pager, core.editor and so on

Discovery 2023-04-25
Entry 2023-04-26
git
< 2.40.1

git-lite
< 2.40.1

git-tiny
< 2.40.1

CVE-2023-25652
https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx
CVE-2023-29007
https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844
8fafbef4-b1d9-11ed-b0f4-002590f2a714git -- gitattributes parsing integer overflow

git team reports:

gitattributes are used to define unique attributes corresponding to paths in your repository. These attributes are defined by .gitattributes file(s) within your repository.

The parser used to read these files has multiple integer overflows, which can occur when parsing either a large number of patterns, a large number of attributes, or attributes with overly-long names.

These overflows may be triggered via a malicious .gitattributes file. However, Git automatically splits lines at 2KB when reading .gitattributes from a file, but not when parsing it from the index. Successfully exploiting this vulnerability depends on the location of the .gitattributes file in question.

This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution.


Discovery 2023-01-17
Entry 2023-02-21
git
< 2.39.1

CVE-2022-23521
https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/#cve-2022-23521