Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[enhancement]: update git version in the agent for security vulnerabilities #5016

Closed
lombardialess opened this issue Oct 16, 2024 · 1 comment
Closed

[enhancement]: update git version in the agent for security vulnerabilities #5016

lombardialess opened this issue Oct 16, 2024 · 1 comment
Labels
Area: Agent enhancement

Comments

@lombardialess
Copy link

Describe your feature request here

Git used on the current devops agent release is version 2.45 that has openssl (3.2.1.0) vulnerabilities (CVE-2024-5535, CVE-2024-4741,
CVE-2024-4603, CVE-2024-2511).
Seems git version 2.47 is not containing this issue because openssl version is 3.2.3.0.
Please upgrade the git version contained in the agent.
@vmapetr
Copy link
Contributor

vmapetr commented Nov 26, 2024

Hi @lombardialess, thank you for the report.
We aware of this issue and updated the git version in scope of this PR - #5026 (Included in agent 3.248.0)
It has been deployed on the last week, so I'm closing this issue. Please feel free to reopen it in case if you have additional questions.

@vmapetr vmapetr closed this as completed Nov 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Area: Agent enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lombardialess @vmapetr @DenisRumyantsev