Home / mailings [USN-5376-5] Git regression
Posted on 27 February 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-5376-5
February 27, 2026
git regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
USN-5376-4 introduced a regression in Git
Software Description:
- git: fast, scalable, distributed revision control system
Details:
USN-5376-4 fixed a regression in Git. The update introduced a regression
when specifying configuration includes due to additional restrictions. This
update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
俞晨东 discovered that Git incorrectly handled certain repository paths
in platforms with multiple users support. An attacker could possibly use
this issue to run arbitrary commands.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
git 1:2.34.1-1ubuntu1.17
Ubuntu 20.04 LTS
git 1:2.25.1-1ubuntu3.14+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5376-5
https://ubuntu.com/security/notices/USN-5376-4
https://ubuntu.com/security/notices/USN-5376-3
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-1
https://launchpad.net/bugs/2142790
Package Information:
https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.17
--===============6960131570281303148==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
