git-lfs-3.4.1-5.el8_10
エラータID: AXSA:2025-10027:03
Release date:
Tuesday, June 17, 2025 - 21:09
Subject:
git-lfs-3.4.1-5.el8_10
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
Git Large File Storage (LFS) replaces large files such as audio samples, videos,
datasets, and graphics with text pointers inside Git, while storing the file
contents on a remote server.
Security Fix(es):
net/http: Request smuggling due to acceptance of invalid chunked data in
net/http (CVE-2025-22871)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE(s):
CVE-2025-22871
Solution:
Update packages.
CVEs:
CVE-2025-22871
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Additional Info:
N/A
Download:
SRPMS
- git-lfs-3.4.1-5.el8_10.src.rpm
MD5: c59944f989046210cb690a09ef1909b3
SHA-256: db70fd03f7eccc3fb31ca6e41c02c96f5e6258c5921e161fd0829af509acf3bf
Size: 3.38 MB
Asianux Server 8 for x86_64
- git-lfs-3.4.1-5.el8_10.x86_64.rpm
MD5: 38038db184b79789651f64ddb7130f86
SHA-256: cfe7ca593a59280273e9f337af3b9aa5d43cba3ed01b10931a077691a0757bde
Size: 4.49 MB
日本語