[ALSA-2026:30855] Important: git-lfs security update
Type:
security
Severity:
important
Release date:
2026-06-30
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.7.1-5.el10_2.5.aarch64.rpm c146ff2fcfdaf4ac9b672c89ba837a2ba6a53326bf4867f050db1faae1f1c8a5
ppc64le git-lfs-3.7.1-5.el10_2.5.ppc64le.rpm e4266eb2bf2b16714340aae10bc75bc19eb12190f0dcfd1e2905d7d96f362ff3
s390x git-lfs-3.7.1-5.el10_2.5.s390x.rpm e3f6e603dcad1337f9822355114bdecce67052b5311f5dcad26a8a62efaaca88
x86_64 git-lfs-3.7.1-5.el10_2.5.x86_64.rpm 0da999a3214ac0af02c48dba31d77fec883da58f5b30d9f8bb7a2ef58db2d0ec
x86_64_v2 git-lfs-3.7.1-5.el10_2.5.x86_64_v2.rpm 7a06f8183578a8ac07c3714f55b73bd56afe31eb1174e1cd6f27e2b8af0533c2
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.