[ALSA-2025:0845] Important: git-lfs security update
Type:
security
Severity:
important
Release date:
2025-01-31
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs (CVE-2024-53263) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.4.1-4.el8_10.aarch64.rpm 3f2bcb494bddcb12ffc2169a3664ac72205ca92b5907e37b91e299625deb2467
ppc64le git-lfs-3.4.1-4.el8_10.ppc64le.rpm f0dfc649c9c1fd47c7a8e9cf47e2e2aabe814d2b233f65474a0fbd58d2249e47
s390x git-lfs-3.4.1-4.el8_10.s390x.rpm bf4adde215f5119c9407241a4b8d445f3e27784140e5fbb814e766e589f3c940
x86_64 git-lfs-3.4.1-4.el8_10.x86_64.rpm 270a4c992ead639d81aa80c9d2c29ee2ab67218df9598c063853b8ff23f91016
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.