A security issue affecting Git has been identified in Ubuntu 22.04 LTS and 20.04 LTS. The problem arose from a regression introduced by USN-5376-4, which incorrectly handled certain repository paths in platforms with multiple users support. An attacker could potentially exploit this vulnerability to run arbitrary commands. To correct the issue, update your system to the latest package versions: Ubuntu 22.04 LTS should have git version 1:2.34.1-1ubuntu1.17 and Ubuntu 20.04 LTS should have git version 1:2.25.1-1ubuntu3.14+esm5.

[USN-5376-4] Git regression
[USN-5376-5] Git regression

[USN-5376-4] Git regression

==========================================================================
Ubuntu Security Notice USN-5376-4
February 25, 2026

git regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

USN-5376-1 introduced a regression in Git

Software Description:
- git: fast, scalable, distributed revision control system

Details:

USN-5376-1 fixed a vulnerability in Git. It was discovered that the safety
checks introduced in the update were not able to be set using the command
line, contrary to expectations. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

俞晨东 discovered that Git incorrectly handled certain repository paths in
platforms with multiple users support. An attacker could possibly use
this issue to run arbitrary commands.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
git 1:2.34.1-1ubuntu1.16

Ubuntu 20.04 LTS
git 1:2.25.1-1ubuntu3.14+esm4
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5376-4
https://ubuntu.com/security/notices/USN-5376-3
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-1
https://launchpad.net/bugs/2142239

Package Information:
https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.16

[USN-5376-5] Git regression

==========================================================================
Ubuntu Security Notice USN-5376-5
February 27, 2026

git regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

USN-5376-4 introduced a regression in Git

Software Description:
- git: fast, scalable, distributed revision control system

Details:

USN-5376-4 fixed a regression in Git. The update introduced a regression
when specifying configuration includes due to additional restrictions. This
update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

俞晨东 discovered that Git incorrectly handled certain repository paths
in platforms with multiple users support. An attacker could possibly use
this issue to run arbitrary commands.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
git 1:2.34.1-1ubuntu1.17

Ubuntu 20.04 LTS
git 1:2.25.1-1ubuntu3.14+esm5
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5376-5
https://ubuntu.com/security/notices/USN-5376-4
https://ubuntu.com/security/notices/USN-5376-3
https://ubuntu.com/security/notices/USN-5376-2
https://ubuntu.com/security/notices/USN-5376-1
https://launchpad.net/bugs/2142790

Package Information:
https://launchpad.net/ubuntu/+source/git/1:2.34.1-1ubuntu1.17