Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.
Tag: Git
ASA-2019-00667 – Git: Git does not refuse to write out tracked files with backlashes in filenames
Filenames on Linux/Unix can contain backslashes. On Windows, backslashes are directory separators. Git did not use to refuse to write out tracked files with such filenames.
ASA-2019-00666 – Git: NTFS protections inactive when running Git in the Windows Subsystem for Linux
When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.
ASA-2019-00665 – Git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams
Git was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be overwritten during a clone.
ASA-2019-00664 – Git: Git mistakes some paths for relative paths allowing writing outside of the worktree while cloning
While the only permitted drive letters for physical drives on Windows are letters of the US-English alphabet, this restriction does not apply to virtual drives assigned via subst : . Git mistook such paths for relative paths, allowing writing outside of the worktree while cloning.
ASA-2019-00663 – Git: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone
Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs.
ASA-2019-00661 – Git: Arbitrary path overwriting via export-marks command option
The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.
ASA-2019-00660 – Git: Submodule update command execution
Arbitrary command execution is possible in Git because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository.