Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details.
A remote attacker, by providing a specially crafted URL, could possibly trick Git into returning credential information for a wrong host.
Disabling credential helpers will prevent this vulnerability.
All Git 2.23.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-vcs/git-2.23.3"
All Git 2.24.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-vcs/git-2.24.3"
All Git 2.25.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-vcs/git-2.25.4"
All Git 2.26.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-vcs/git-2.26.2"