-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4406-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 15, 2025 https://wiki.debian.org/LTS - -----------------------------------------------------------------------
Package : ruby-git Version : 1.7.0-1+deb11u1 CVE ID : CVE-2022-25648 CVE-2022-46648 CVE-2022-47318 Debian Bug : 1009926 A couple of vulnerabilities were reported against ruby-git, a Ruby interface to the Git revision control system, that could lead to a command injection and execution of an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. For Debian 11 bullseye, these problems have been fixed in version 1.7.0-1+deb11u1. We recommend that you upgrade your ruby-git packages. For the detailed security status of ruby-git please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ruby-git Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmk/DLYACgkQgj6WdgbD S5bchxAAg8g1kB54wLaRgoOdxPuq+bOZxv54WDys0oLjdRQn1Iax404FF5lI0zGF qGHZxO/6C4TrlMtlQJn3afjR9i8ocZHv4jjS3B9msIiW4Wz4RDFUYKRByrwMvQLn XMVnEPVnSgVIlXalEWuGPezasYvPnSCut16H9Z9vbOOD6kPEsGkDqGkvUjt5ZF/Q yb/S517Dh2CFNbkNxc0InyF99GO1RGazFblfnMOuer6tIcdlL1jFeci/DOppThVX vGM4Ylnh//lqMlio3vzaDG6Sh4yFV1ufctaZKkGt/g2ERYrH2Rqa8QKTbVJMju3K 5vZ79iBps3bVg6HGGPTRghhDt4fdt90GSm89rn6fd2S+NmYbSG3t6eMDNm1UMqSI DfxMsPJKdL92oNxw7+VqYwkIhFemIfS0rALAuOrARHa2bk99wK7uVMcd1xLQ27Mr 5YUbJ7Q0n/ZHx3z1ejM8zWHGiM7V9fFo+CQ2vGPFOKkaXZ6h5hs8KHAHO1rvXF9R acefGeYKjGn0/lX5uBchZe8XWgKs8u1xouLmlNCHblt4oHfnketVeG//r5g96vfq uRd71Gqku6fS6B8JKedHngNU1TB/Dbzgi9Z9pYvsU7qx5HxRRbmjLedZTv8PKXKQ UWQ0XZwxkBoIxrV0JnY+DgaTvSuGlOAroKWvB8QZc6GTinkxr4M= =qKnT -----END PGP SIGNATURE-----
