Ubuntu
git package

[Security][Jammy] Please update Git to v2.34.2 (CVE-2022-24765)

Bug #1969805 reported by Matthieu Baerts
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
git (Ubuntu)
Fix Released
Critical
Leonidas S. Barbosa
Ubuntu jammy-updates

Bug Description

Hello,

This is not new, Git developers have been recently published a few maintenance releases to address the security issues described in CVE-2022-24765.

https://<email address hidden>/

The fix annoyed me because it broke a few CI jobs but that's not the point here: I noticed earlier this week there was no update for Ubuntu 22.04 Jammy. Is it possible to also add this security update in Jammy?

Just to know, I'm a bit surprised all other supported Ubuntu versions have been updated with a fix but not this one. Is it normal? :)

CVE References

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Yes, we plan on releasing a git security update for Jammy once it is released, it was too late to make the final release.

Revision history for this message
Matthieu Baerts (matttbe) wrote :

Hi Marc,

Thank you for the quick reply!

OK, it was then just a technical/admin issue: it was not forgotten :)
All good then!

Feel free to change the Importance. I marked it as Critical as it is a security issue but I see it is categorised as "Medium": https://ubuntu.com/security/CVE-2022-24765

Adolfo Jayme Barrientos (fitojb)
Changed in git (Ubuntu):
status: New → Triaged
Revision history for this message
Matthieu Baerts (matttbe) wrote :

Recently released in Ubuntu Jammy Security: https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.1

Changed in git (Ubuntu):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.