CommandLineTools

Developer Tools & Services General
DLeazenby OP
Created Oct ’24
Replies 1
Boosts 0
Views 181
Participants 2

Install CommandLineTools below macOS Sequoia installs the VULNERABLE version of Git, 2.39.3 while macOS Sequoia installs a non-vulnerable version 2.39.5. How to get the non vulnerable version installed on macOS Sonoma?

CVE-2024-32002 - Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/ directory.

Replies  1
Boosts  0
Views  181
Participants  2
DTS Engineer OP
Apple
Oct ’24

while macOS Sequoia installs a non-vulnerable version 2.39.5. How to get the non vulnerable version installed on macOS Sonoma?

macOS doesn't ship with git. To install git, you need to install Xcode or the Command Line Tools package.

How to get the non vulnerable version installed on macOS Sonoma?

What workflow did you use to install git?

0
CommandLineTools
First post date Last post date
 
 
Q