File _patchinfo of Package patchinfo.37096

<patchinfo incident="37096">
  <issue tracker="cve" id="2025-48384"/>
  <issue tracker="cve" id="2024-52006"/>
  <issue tracker="cve" id="2025-46835"/>
  <issue tracker="cve" id="2025-27613"/>
  <issue tracker="cve" id="2024-50349"/>
  <issue tracker="bnc" id="1245942">VUL-0: CVE-2025-46835: git: untrusted repository cloning can lead to arbitrary writable file creation in Git GUI</issue>
  <issue tracker="bnc" id="1245938">VUL-0: CVE-2025-27613: git: arbitrary writable file creation and truncation in Gitk</issue>
  <issue tracker="bnc" id="1245943">VUL-0: CVE-2025-48384: git: script may be unintentionally executed after checkout due to CRLF transforming</issue>
  <issue tracker="bnc" id="1235600">VUL-0: CVE-2024-50349: git: passwords for trusted sites could be sent to untrusted sites</issue>
  <issue tracker="bnc" id="1235601">VUL-0: CVE-2024-52006: git: Carriage Returns via the credential protocol to credential helpers</issue>
  <packager>ateixeira</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for git</summary>
  <description>This update for git fixes the following issues:

- CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600).
- CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601).
- CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk (bsc#1245938)
- CVE-2025-46835: Fixed arbitrary writable file creation via untrusted repository clonation in Git GUI (bsc#1245942)
- CVE-2025-48384: Fixed arbitrary writable file creation when cloning untrusted repositories with submodules
  using the --recursive flag (bsc#1245943)   
</description>
</patchinfo>