[ALSA-2025:23667] Important: git-lfs security update
Type:
security
Severity:
important
Release date:
2025-12-22
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * git-lfs: Git LFS may write to arbitrary files via crafted symlinks (CVE-2025-26625) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.6.1-4.el10_1.aarch64.rpm 0be6e212dad5987b2263c0dea5eabb0fda04f85d1548d329f3407559aad3fc55
ppc64le git-lfs-3.6.1-4.el10_1.ppc64le.rpm 7ddabfc481f936a6bd418fa426c4c28821e552891ba9f7c10a49bc60c89eebf0
s390x git-lfs-3.6.1-4.el10_1.s390x.rpm b17dfad152b0f55f7680f151ef08a1766449154036b3272690d4a2e9033d0bf2
x86_64 git-lfs-3.6.1-4.el10_1.x86_64.rpm 4ef948972314a4d8cc32916d0b547fb9a86ba4df281bb551a2ebbd62bc3fc6bb
x86_64_v2 git-lfs-3.6.1-4.el10_1.x86_64_v2.rpm db6cd6df9e713f61e6e2d67ed2ae65a871fde58d0fc793fa45b106d2cd155835
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.