ALSA-2025:9060

[ALSA-2025:9060] Moderate: git-lfs security update

Type:

security

Severity:

moderate

Release date:

2025-07-02

Description:

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.  

Security Fix(es):  

  * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	git-lfs-3.4.1-5.el8_10.aarch64.rpm	bcaf887dc2a8aa44881e718722ff462f251733516c265b0d53f13d95be67403a
ppc64le	git-lfs-3.4.1-5.el8_10.ppc64le.rpm	80f7d19c3afa75ce36e3687e0b31a042ae72c43000da340e2a11089ee8b30c3e
s390x	git-lfs-3.4.1-5.el8_10.s390x.rpm	cc0d97b6a5a4f07df8e63d20a1eac8e9b8606be7aa778093f9acdd5b52f755ec
x86_64	git-lfs-3.4.1-5.el8_10.x86_64.rpm	609cf51d829afa97f5bade75e8f322376dcab8ca5775aef0b744df85e122f751

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.