This should get handled as part of normal patching, but RHEL ships with a 1.8.x branch of Git. We aren’t cloning from public repos for most things, but I can’t be 100% sure about it, and workstations are probably vulnerable as well. We should all update our workstations, but it doesn’t appear to be that simple for Linux servers:
(2.19.1 is the version to upgrade to.)
Mac: brew upgrade git didn’t seem to update the CLI git; it is still on 18.104.22.168, so you have to download and install from https://sourceforge.net/projects/git-osx-installer/files/git-2.19.0-intel-universal-mavericks.dmg/download?use_mirror=autoselect
Linux: It looks like git does not have an RPM for 2.x; it’s a clone and compile, which makes long-term sustainability a pain.
CVE says version 2.18 is the oldest affected version, and the newest available from the yum repos is 22.214.171.124-14.
https://git-scm.com/download/linux says to download and compile.
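# update git to 2.19.1
# keep a copy of the distro binary for rollback
cp /usr/bin/git /usr/bin/git-126.96.36.199
# build dependencies
yum -y install curl-devel expat-devel gettext-devel openssl-devel zlib-devel
yum -y install gcc perl-ExtUtils-MakeMaker
# fetch the source tarball (kernel.org mirror assumed) and unpack it
curl -LO https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.19.1.tar.gz
tar xzf git-2.19.1.tar.gz
cd git-2.19.1
# build and install under /usr/local/git
make prefix=/usr/local/git all
make prefix=/usr/local/git install
# point /bin/git at the new build
rm -f /bin/git
ln -s /usr/local/git/bin/git /bin/git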
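
An added example, not part of the original post: a POSIX shell audit that lists every git binary on PATH with its version and flags any below 2.19.1, which catches the Mac case above where an upgrade leaves an older binary first on PATH. The function names are illustrative.

```shell
#!/bin/sh
# Added example: audit every git binary on PATH against the fixed
# version named in the post (2.19.1). Function names are hypothetical.
FIXED_VERSION="2.19.1"

# version_lt A B: succeed when dotted version A is lower than B.
# Fields are compared numerically; missing or non-numeric fields count as 0.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = x[i] + 0; yi = y[i] + 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 1
    }'
}

# git_version_of BINARY: print the third word of "git version X.Y.Z ...".
git_version_of() {
    "$1" --version 2>/dev/null | awk '{print $3}'
}

# audit_git_on_path [PATHLIST]: report each git found in the colon-separated
# list (default: $PATH); return non-zero if any is older than FIXED_VERSION.
audit_git_on_path() {
    outdated=0
    old_ifs=$IFS
    IFS=:
    for dir in ${1:-$PATH}; do
        IFS=$old_ifs
        [ -x "${dir:-.}/git" ] || continue
        ver=$(git_version_of "${dir:-.}/git")
        if version_lt "${ver:-unknown}" "$FIXED_VERSION"; then
            echo "OUTDATED ${dir:-.}/git ${ver:-unknown}"
            outdated=1
        else
            echo "ok ${dir:-.}/git $ver"
        fi
    done
    IFS=$old_ifs
    return $outdated
}

audit_git_on_path "$PATH" ||
    echo "at least one git on PATH is older than $FIXED_VERSION" >&2
```

The first line of output is the binary the shell actually runs, so an OUTDATED entry there means the upgrade has not taken effect for that user.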