Source: git Version: 1:2.30.2-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 1:2.39.0-1
Hi, The following vulnerabilities were published for git. CVE-2022-23521[0]: | gitattributes parsing integer overflow CVE-2022-41903[1]: | heap overflow in `git archive` and `git log --format` If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-23521 https://www.cve.org/CVERecord?id=CVE-2022-23521 [1] https://security-tracker.debian.org/tracker/CVE-2022-41903 https://www.cve.org/CVERecord?id=CVE-2022-41903 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
