[Git][security-tracker-team/security-tracker][master] CVE-2025-48386/git does not affect the binaries in Debian
Adrian Bunk (@bunk)
bunk at debian.org
Mon Jul 28 20:48:27 BST 2025
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ab05dcf1 by Adrian Bunk at 2025-07-28T22:44:57+03:00
CVE-2025-48386/git does not affect the binaries in Debian
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6047,7 +6047,7 @@ CVE-2023-52236 (A vulnerability has been identified in RUGGEDCOM i800 (All versi
CVE-2023-43039 (IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. T ...)
NOT-FOR-US: IBM
CVE-2025-48386 (Git is a fast, scalable, distributed revision control system with an u ...)
- - git <unfixed> (bug #1108983)
+ - git <not-affected> (Only affects the wincred helper for Windows)
NOTE: https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr
NOTE: https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/
NOTE: Fixed by: https://github.com/git/git/commit/9de345cb273cc7faaeda279c7e07149d8a15a319 (v2.43.7)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab05dcf141ae1dc84e9dcd3a7eb016b53f6c2841
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab05dcf141ae1dc84e9dcd3a7eb016b53f6c2841
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250728/3fc38801/attachment.htm>
More information about the debian-security-tracker-commits
mailing list