{"affected":[{"ecosystem_specific":{"binaries":[{"git-core":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"git","purl":"pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.51.0-150600.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git-core":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP7","name":"git","purl":"pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.51.0-150600.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 
SP6","name":"git","purl":"pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.51.0-150600.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP6","name":"git-lfs","purl":"pkg:rpm/suse/git-lfs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.7.0-150600.13.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 
SP6","name":"obs-scm-bridge","purl":"pkg:rpm/suse/obs-scm-bridge&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.4-150600.14.4.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP7","name":"git","purl":"pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.51.0-150600.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 
SP7","name":"git-lfs","purl":"pkg:rpm/suse/git-lfs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.7.0-150600.13.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP7","name":"obs-scm-bridge","purl":"pkg:rpm/suse/obs-scm-bridge&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.4-150600.14.4.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python311-PyYAML":"6.0.2-150600.10.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Python 3 15 SP6","name":"python-PyYAML","purl":"pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.0.2-150600.10.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python311-PyYAML":"6.0.2-150600.10.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Python 3 15 
SP7","name":"python-PyYAML","purl":"pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.0.2-150600.10.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-core":"2.51.0-150600.3.12.1","git-credential-libsecret":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-p4":"2.51.0-150600.3.12.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1","python311-PyYAML":"6.0.2-150600.10.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"git","purl":"pkg:rpm/opensuse/git&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.51.0-150600.3.12.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-core":"2.51.0-150600.3.12.1","git-credential-libsecret":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-p4":"2.51.0-150600.3.12.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1","python311-PyYAML":"6.0.2-150600.10.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 
15.6","name":"git-lfs","purl":"pkg:rpm/opensuse/git-lfs&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.7.0-150600.13.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-core":"2.51.0-150600.3.12.1","git-credential-libsecret":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-p4":"2.51.0-150600.3.12.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1","python311-PyYAML":"6.0.2-150600.10.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"obs-scm-bridge","purl":"pkg:rpm/opensuse/obs-scm-bridge&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.4-150600.14.4.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"git":"2.51.0-150600.3.12.1","git-arch":"2.51.0-150600.3.12.1","git-core":"2.51.0-150600.3.12.1","git-credential-libsecret":"2.51.0-150600.3.12.1","git-cvs":"2.51.0-150600.3.12.1","git-daemon":"2.51.0-150600.3.12.1","git-doc":"2.51.0-150600.3.12.1","git-email":"2.51.0-150600.3.12.1","git-gui":"2.51.0-150600.3.12.1","git-lfs":"3.7.0-150600.13.3.1","git-p4":"2.51.0-150600.3.12.1","git-svn":"2.51.0-150600.3.12.1","git-web":"2.51.0-150600.3.12.1","gitk":"2.51.0-150600.3.12.1","obs-scm-bridge":"0.7.4-150600.14.4.1","perl-Git":"2.51.0-150600.3.12.1","python311-PyYAML":"6.0.2-150600.10.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"python-PyYAML","purl":"pkg:rpm/opensuse/python-PyYAML&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.0.2-150600.10.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for git, git-lfs, obs-scm-bridge, python-PyYAML 
fixes the following issues:\n\ngit was updated from version 2.43.0 to 2.51.0 (bsc#1243197):\n\n- Security issues fixed:\n\n  * CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitk (bsc#1245938)\n  * CVE-2025-27614 Fixed arbitrary script execution via repository cloning in Gitk (bsc#1245939)\n  * CVE-2025-46835 Fixed arbitrary writable file creation in Git GUI when an untrusted repository is cloned (bsc#1245942)\n  * CVE-2025-48384 Fixed the unintentional execution of a script after checkout due to CRLF transforming (bsc#1245943)\n  * CVE-2025-48385 Fixed arbitrary code execution due to protocol injection via fetching an advertised bundle (bsc#1245946)\n\n- Other changes and bugs fixed:\n    \n  * Added SHA256 support (bsc#1243197)\n  * Git moved to /usr/libexec/git/git and updated AppArmor profile\n    accordingly (bsc#1218588)\n  * gitweb AppArmor profile: allow reading etc/gitweb-common.conf (bsc#1218664)\n  * Do not replace AppArmor configuration (bsc#1216545)\n  * Fixed the Python version required (bsc#1212476)\n    \n- Version Updates Release Notes:\n\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.51.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.1.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.49.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.1.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.1.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.2.adoc\n  * 
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.1.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.3.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.2.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.1.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.44.0.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.3.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.adoc\n  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.adoc\n\ngit-lfs is included in version 3.7.0.\n\npython-PyYAML was updated from version 6.0.1 to 6.0.2:\n\n- Added support for Cython 3.x and Python 3.13\n\nobs-scm-bridge was updated from version 0.5.4 to 0.7.4:\n\n- New Features and Improvements:\n\n  * Manifest File Support: Support has been added for a `_manifest` file, which serves as a successor to the `_subdirs`\n    file.\n  * Control Over Git Information: A new noobsinfo query parameter was added to hide git information in source and binary\n    files.\n  * Enhanced Submodule Handling: The system now records the configured branch of submodules and stays on that branch\n    during checkout.\n  * Git SHA Tracking: In project mode, the tool now uses git SHA sums instead of md5sum to track package sources.\n  * SSH URL Support: ssh:// SCM URLs can now be used.\n  * Improved Error Messages: Error reporting for invalid files within package subdirectories has been improved.\n  * Standardized Config Location: In project mode, the _config file is now always located in the top-level directory,\n    even when using subdirs.\n  * Reduced Unnecessary 
Changes: In project mode, unnecessary modifications to the package meta URL are now avoided.\n  * Limit Asset Handling: A new mechanism has been introduced to limit how assets are handled.\n  * Branch Information Export: The trackingbranch is now exported to scmsync.obsinfo.\n\n- Bugs fixed:\n\n  * Syntax Fix: A syntax issue was corrected.\n  * Git Submodule Parsing: The .gitsubmodule parser was fixed to correctly handle files that contain a mix of spaces and\n    tabs.\n","id":"SUSE-SU-2025:03012-1","modified":"2025-08-29T00:07:40Z","published":"2025-08-29T00:07:40Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202503012-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212476"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216545"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218588"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218664"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243197"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245938"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245939"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245943"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245946"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-27613"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-27614"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-46835"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-48384"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-48385"}],"related":["CVE-2025-27613","CVE-2025-27614","CVE-2025-46835","CVE-2025-48384","CVE-2025-48385"],"summary":"security update for git, git-lfs, obs-scm-bridge, python-PyYAML","upstream":["CVE-2025-27613","CVE-2025-27614","CVE-2025-46835","CVE-2025-48384","CVE-2025-48385"]}