[ALSA-2025:9063] Moderate: git-lfs security update
Type:
security
Severity:
moderate
Release date:
2025-07-28
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.6.1-2.el10_0.aarch64.rpm 5d864d44c6d2a5709e8b60fb68313760904187fa6b407fdf48b78887d43ff34f
ppc64le git-lfs-3.6.1-2.el10_0.ppc64le.rpm 1c3fa4ff3fe7ebd0cb622755b0a3bf7ab4f7d0682f25fa7eddf30da652922159
s390x git-lfs-3.6.1-2.el10_0.s390x.rpm f1114c6710bd5ae5e27b4dffe4d0e7165643f932100ba6bee60c360517e87ad0
x86_64 git-lfs-3.6.1-2.el10_0.x86_64.rpm 04c0de78250f864a556331cd622c13477723547bd384be6c6a957d20185a5a80
x86_64_v2 git-lfs-3.6.1-2.el10_0.x86_64_v2.rpm 0ddc4048140681e92918b5c2013902f0aee004ccc17e21817794281d7a44921e
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.