[Bug 2003204] Re: Update git because of CVE-2022-23521
Jan Bauer
2003204 at bugs.launchpad.net
Thu Feb 23 14:07:23 UTC 2023
It appears that Canonical does not want to provide a fixed version.
So I decided to change the git source repo, and get a fresh git with:
sudo add-apt-repository ppa:git-core/ppa
sudo apt update
sudo apt install git -y
now check the version with: git --version
and it has 2.39.2, works on Ubuntu 18.04 without issues.
Conclusion: there is no reason to stick at the old git 2.17.1 on that
distro.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to git in Ubuntu.
https://bugs.launchpad.net/bugs/2003204
Title:
Update git because of CVE-2022-23521
Status in git package in Ubuntu:
Confirmed
Bug description:
Please provide the latest git for Ubuntu LTS (18, 20 and 22)
The current version appears to be 2.39.1. The versions available from
apt seem to be pretty old. We still have some systems with Ubuntu 18
LTS, and I see 2.17.1 there after running sudo apt update && sudo apt
upgrade -y
See also:
https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/2003204/+subscriptions
More information about the foundations-bugs
mailing list