[ALSA-2025:23744] Important: git-lfs security update
Type:
security
Severity:
important
Release date:
2025-12-22
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * git-lfs: Git LFS may write to arbitrary files via crafted symlinks (CVE-2025-26625) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.6.1-4.el9_7.aarch64.rpm d97289c7dae5ae318a443248fb3033aae16b2b749bb6aa3377465bbbb40e2f48
ppc64le git-lfs-3.6.1-4.el9_7.ppc64le.rpm 91d6ae0323248e5c09998a178eb2989cc206c3e15178cc10fa05f451f96e71f8
s390x git-lfs-3.6.1-4.el9_7.s390x.rpm 4f8b70c9215326cd3130866fa2105ed6adad87ec7d0f6129a0a1d4378123defd
x86_64 git-lfs-3.6.1-4.el9_7.x86_64.rpm 75f1b25a8d336671eb7a6af78ad6622ad686da7fa2b01da463ad123c0129258f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.