[ALSA-2025:0673] Important: git-lfs security update
Type:
security
Severity:
important
Release date:
2025-01-24
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs (CVE-2024-53263) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.4.1-4.el9_5.aarch64.rpm 54408b326c5b943bffa1c31c7b37f986dd10187481e5cc5df8214cf40fe6229a
ppc64le git-lfs-3.4.1-4.el9_5.ppc64le.rpm 32b0ef9becbb0bb6b5e4688a2c31d9cc07340579ae803a24411ab81cbfbf17b6
s390x git-lfs-3.4.1-4.el9_5.s390x.rpm c622a750909e25dc8534945fbc8004f7cefe5a3a05e51988d0d9efc88996536a
x86_64 git-lfs-3.4.1-4.el9_5.x86_64.rpm 4bcc8e9a5fb31b492ec2ba09cb413146a306566e92dd6c87ac50c5c4b3958e76
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.