-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5850-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 26, 2025                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : git
CVE ID         : CVE-2024-50349 CVE-2024-52006
Debian Bug     : 1093042

Multiple issues were found in Git, a fast, scalable, distributed
revision control system, which may result in leaking credential
information to an unintended host.

For the stable distribution (bookworm), these problems have been fixed in
version 1:2.39.5-0+deb12u2.

We recommend that you upgrade your git packages.

For the detailed security status of git please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/git

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmeWXQRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Sz8RAAoFEKonzQ7GircU2YJUAx0A0sEs6+KGJIQpSKYQGk8IVZUCr+l9SWChWY
fkQA07NFqT6wXSm3DBdpqXnxs1e/7/5jEey2nTTdcz3lc+9iueuOCmG4yCNustqN
fPHKtMBe7evHYdbgmKXM/HMtmvN18VaIt+AnuP6cpC21Y7NLHRUuwvhlFzF4P3mm
/5jp33XdtI4m+ne2ar2hXkO/UTVn7ckaoKtPnj8RTqGGPW0hTU7FVeop7LTd8sp1
cMbVZ06ZKYuM5xyyqEVlqbd1knjzkWn+Rjl/npmMP4LYXaF0LQdauX1IUJV/rr7J
M6Ic/NCG+XYQdOYP/7JPPeCV7aCXdWRsVvILPQOR8scBvdcnLp/e/o9JoHBgEi1M
G6d74URXR5H7BVX5I0DqQlxHFvXauiIsQ3g/OWI4CDxsps70YUdvCBjrzIKARUoz
AVMhMcZZ8ykoZ6niiNv6WTFU5ZJsqbLTXWM2cFI3vUuCzZFJTyzFGVJzosNguR39
KkC+1yUZAlHVv1BgtuncYsNxF6QoyoDrKpn74SxIQ7mmUbrppINDT5IcZr2kwDbu
KnLta478PJZXEKc+JiH8bMZymi3Yl5TO8KNfVYRtV0s6MfFGFysdc2hBgq5rPIkj
FL7uqK53Rg6QdfNjOm/zCtUA70EXG93FphReuOjoPoVs/m4G99Q=
=KjZH
-----END PGP SIGNATURE-----