GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. References: https://github.com/gitpython-developers/GitPython/commit/ca965ecc81853bca7675261729143f54e5bf4cdd https://github.com/gitpython-developers/GitPython/pull/1609
Created GitPython tracking bugs for this issue: Affects: epel-all [bug 2231476] Affects: fedora-all [bug 2231475] Affects: openstack-rdo [bug 2231477]
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.4 for RHEL 9 Red Hat Ansible Automation Platform 2.4 for RHEL 8 Via RHSA-2023:4971 https://access.redhat.com/errata/RHSA-2023:4971
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.3 for RHEL 9 Red Hat Ansible Automation Platform 2.3 for RHEL 8 Via RHSA-2023:4991 https://access.redhat.com/errata/RHSA-2023:4991
This issue has been addressed in the following products: Red Hat Satellite 6.13 for RHEL 8 Via RHSA-2023:5931 https://access.redhat.com/errata/RHSA-2023:5931
This issue has been addressed in the following products: Red Hat Satellite 6.14 for RHEL 8 Via RHSA-2023:6818 https://access.redhat.com/errata/RHSA-2023:6818