[ALSA-2026:30854] Important: git-lfs security update
Type:
security
Severity:
important
Release date:
2026-06-30
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): * golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 git-lfs-3.7.1-4.el9_8.1.aarch64.rpm 4ab766e2007ed091b2f866057d7f91c07bcee2b560e2e494e2cd08ed28e870a0
ppc64le git-lfs-3.7.1-4.el9_8.1.ppc64le.rpm 7bc5d05896c29d8ccc77c73d1b15ad6bcf8e35899d050645073131696197b198
s390x git-lfs-3.7.1-4.el9_8.1.s390x.rpm 0b6e4d3f3281d3f7d7ec44f85531172e04496132d4f29049e16467addad7adc3
x86_64 git-lfs-3.7.1-4.el9_8.1.x86_64.rpm 75818e15cef231380790f73839935315dde237c3ffa302f545df00e761fee870
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.