CommandLineTools

Install CommandLineTools below macOS Sequoia installs the VULNERABLE version of Git, 2.39.3 while macOS Sequoia installs a non-vulnerable version 2.39.5. How to get the non vulnerable version installed on macOS Sonoma?

CVE-2024-32002 - Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/ directory.

while macOS Sequoia installs a non-vulnerable version 2.39.5. How to get the non vulnerable version installed on macOS Sonoma?

macOS doesn't ship with git. To install git, you need to install Xcode or the Command Line Tools package.

How to get the non vulnerable version installed on macOS Sonoma?

What workflow did you use to install git?

CommandLineTools
 
 
Q