[ALSA-2024:2079] Important: git-lfs security update
Type:
security
Severity:
important
Release date:
2024-04-29
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288,VU#421644.3) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.2.0-2.el9_3.aarch64.rpm 5bedef363b36a709d9943f1df7b9d5889e6ec149af326e916a23de35027c151a
ppc64le git-lfs-3.2.0-2.el9_3.ppc64le.rpm 9b0d46c38fa295b24198eb479cfc2cdc360028fccab476be47fa796e9115c171
s390x git-lfs-3.2.0-2.el9_3.s390x.rpm caddf353a32918639b640e100a43eaa089d6cf57b6f1696b748bd4084b7a8d5c
x86_64 git-lfs-3.2.0-2.el9_3.x86_64.rpm aff750975a1a1da2602cfa8f3c55386a08f71d57882967d08b075e606770b70c
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.