Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2023:3192 - Security Advisory
Issued:
2023-05-17
Updated:
2023-05-17

RHSA-2023:3192 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: git security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for git is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

Security Fix(es):

  • git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (CVE-2023-25652)
  • git: arbitrary configuration injection when renaming or deleting a section from a configuration file (CVE-2023-29007)
  • git: malicious placement of crafted messages when git was compiled with runtime prefix (CVE-2023-25815)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2188333 - CVE-2023-25652 git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
  • BZ - 2188337 - CVE-2023-25815 git: malicious placement of crafted messages when git was compiled with runtime prefix
  • BZ - 2188338 - CVE-2023-29007 git: arbitrary configuration injection when renaming or deleting a section from a configuration file

CVEs

  • CVE-2023-25652
  • CVE-2023-25815
  • CVE-2023-29007

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM
git-2.18.4-3.el8_1.src.rpm SHA-256: 22f976669be7f68a6c1bd7be486e7f9367ecb2615b6d571dfb9693d5c4de590f
ppc64le
git-2.18.4-3.el8_1.ppc64le.rpm SHA-256: f4dde2d0b1c84b989bcff49d2c9749e1e8ad88bc9c0f71badcfb16754786897d
git-all-2.18.4-3.el8_1.noarch.rpm SHA-256: 2788ee8cdc5976e7aeb963c43c932664cf7c510b4c35f2b1ee64b7d800b29190
git-core-2.18.4-3.el8_1.ppc64le.rpm SHA-256: aa8dd3a09c55797e5b0bfcf334e86be8b0ae1d561e30c65bc20f9e3f9a2dd5eb
git-core-debuginfo-2.18.4-3.el8_1.ppc64le.rpm SHA-256: 799c852071ceef079833dbd04ec41ebb0fc70cfc994638f79cb6e87b427eee78
git-core-doc-2.18.4-3.el8_1.noarch.rpm SHA-256: 13692503fac2a720b9622fe89ffe9978977b6bfacd51fffc39c96e429942e210
git-daemon-2.18.4-3.el8_1.ppc64le.rpm SHA-256: f97fa617c1021cbbb525343c060eb5aae59ec3a51a768daf85278a584e092295
git-daemon-debuginfo-2.18.4-3.el8_1.ppc64le.rpm SHA-256: ef9cf18a0f7897f6be993475a763fbdee1097d31398a78f26cf96fb978cdd4b6
git-debuginfo-2.18.4-3.el8_1.ppc64le.rpm SHA-256: ff6d25563ef31a505271d9e4bc1b6618c7a773edc2b7d2d30133f0dd6aceaee5
git-debugsource-2.18.4-3.el8_1.ppc64le.rpm SHA-256: deb73aaf9aad3060f5603630b6b2614c33777c7531748262ea9ca9b515c1a326
git-email-2.18.4-3.el8_1.noarch.rpm SHA-256: 98ce45e5d91163f4d5adc961d7d303a50fccf05a0251b8f607d1210848fe2735
git-gui-2.18.4-3.el8_1.noarch.rpm SHA-256: da44559ff81533cd675d481ad8da52fc7c74a8c2c1fb7e8c4c298373d96a8d52
git-instaweb-2.18.4-3.el8_1.ppc64le.rpm SHA-256: ca6bfd06ddd87a22aa628d4895aef40c95e0e284b734982b550e2e659f50da57
git-subtree-2.18.4-3.el8_1.ppc64le.rpm SHA-256: 558899726a6ccb5dbf95e8f70bd9ded9192bb7a4d0b331e3ac98947ca1fd3e3d
git-svn-2.18.4-3.el8_1.ppc64le.rpm SHA-256: 6175d5e0588593220ec936ab90a7bf1e0fae1eb2986ced1758c3e6d70e287eeb
git-svn-debuginfo-2.18.4-3.el8_1.ppc64le.rpm SHA-256: c7fd3601c2cba0aa4175d021e2bdbc43186a31ab2171e7ef8a6e1bfa81fe9106
gitk-2.18.4-3.el8_1.noarch.rpm SHA-256: 8a0f122661f6b292784619b420a037b89545bc3d51c0a5608921ea86f9109dcc
gitweb-2.18.4-3.el8_1.noarch.rpm SHA-256: b99fbecce82099126c39006228b5ad715c4cfa9e5868cd68ed4dbda76d418ac6
perl-Git-2.18.4-3.el8_1.noarch.rpm SHA-256: d3723cac79298cb401ce3e6c23a3b57dae25797161efc2ede0a5fed6b5e76276
perl-Git-SVN-2.18.4-3.el8_1.noarch.rpm SHA-256: c748f7b40106abb3f8db126c948fb5527a99b80c2e5a2d35dd10cd65789bd7d0

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM
git-2.18.4-3.el8_1.src.rpm SHA-256: 22f976669be7f68a6c1bd7be486e7f9367ecb2615b6d571dfb9693d5c4de590f
x86_64
git-2.18.4-3.el8_1.x86_64.rpm SHA-256: ad74671dead401dd1e49ac6a4743a2dd9877c750b73342b44037ddacd4265107
git-all-2.18.4-3.el8_1.noarch.rpm SHA-256: 2788ee8cdc5976e7aeb963c43c932664cf7c510b4c35f2b1ee64b7d800b29190
git-core-2.18.4-3.el8_1.x86_64.rpm SHA-256: e238d8609c42fb0dd58f965ec36f1b0877686b9f687b6e4c6d3bd2e95f2eeb77
git-core-debuginfo-2.18.4-3.el8_1.x86_64.rpm SHA-256: 2a4132b7a538db8324f2348fdc232e4ea81690b583b2b82e74358f3919a567f6
git-core-doc-2.18.4-3.el8_1.noarch.rpm SHA-256: 13692503fac2a720b9622fe89ffe9978977b6bfacd51fffc39c96e429942e210
git-daemon-2.18.4-3.el8_1.x86_64.rpm SHA-256: 60f722c0f2437e0af3fcb39ec544c9c4c9492d9bde2ecaed5e76bd4147ce5583
git-daemon-debuginfo-2.18.4-3.el8_1.x86_64.rpm SHA-256: 85b96cda6973af4f06bead9e14da32eb16b2dda7748110da47deb43f745b90dc
git-debuginfo-2.18.4-3.el8_1.x86_64.rpm SHA-256: 02002f65c5f7d064ea8d9c293e7b99e3bdd952e6e725fc692fc74a06ef30b980
git-debugsource-2.18.4-3.el8_1.x86_64.rpm SHA-256: 277d5178673d49675b435faad7748fe8540d74c01bb7889155ac5003891aaaaf
git-email-2.18.4-3.el8_1.noarch.rpm SHA-256: 98ce45e5d91163f4d5adc961d7d303a50fccf05a0251b8f607d1210848fe2735
git-gui-2.18.4-3.el8_1.noarch.rpm SHA-256: da44559ff81533cd675d481ad8da52fc7c74a8c2c1fb7e8c4c298373d96a8d52
git-instaweb-2.18.4-3.el8_1.x86_64.rpm SHA-256: 2e6bbe2f1ba2e119f38c777f52dc086a09aa3969f5a785b602e3b3419ed708a0
git-subtree-2.18.4-3.el8_1.x86_64.rpm SHA-256: 61c2ba4bd6bea7a5f10c34741b326fb8e9b11f5d57902e1b54eb440acff91a01
git-svn-2.18.4-3.el8_1.x86_64.rpm SHA-256: 7b40fafae6029a37adb9b0d80e4e500b875a1bade73f2354010ac273b5730301
git-svn-debuginfo-2.18.4-3.el8_1.x86_64.rpm SHA-256: 1eb93aeddc92d9ba61ff1432362d3c32f9469d055bc80cea2817f6026cd053de
gitk-2.18.4-3.el8_1.noarch.rpm SHA-256: 8a0f122661f6b292784619b420a037b89545bc3d51c0a5608921ea86f9109dcc
gitweb-2.18.4-3.el8_1.noarch.rpm SHA-256: b99fbecce82099126c39006228b5ad715c4cfa9e5868cd68ed4dbda76d418ac6
perl-Git-2.18.4-3.el8_1.noarch.rpm SHA-256: d3723cac79298cb401ce3e6c23a3b57dae25797161efc2ede0a5fed6b5e76276
perl-Git-SVN-2.18.4-3.el8_1.noarch.rpm SHA-256: c748f7b40106abb3f8db126c948fb5527a99b80c2e5a2d35dd10cd65789bd7d0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility