[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-26625/git-lfs via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 25 15:16:03 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d451c3a2 by Salvatore Bonaccorso at 2025-11-25T16:15:24+01:00
Track fixed version for CVE-2025-26625/git-lfs via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11123,7 +11123,7 @@ CVE-2025-34282 (ThingsBoard versions < 4.2.1 contain a server-side request forge
CVE-2025-34281 (ThingsBoard versions < 4.2.1 contain a stored cross-site scripting (XS ...)
NOT-FOR-US: ThingsBoard
CVE-2025-26625 (Git LFS is a Git extension for versioning large files. In Git LFS vers ...)
- - git-lfs <unfixed> (bug #1118339)
+ - git-lfs 3.7.1-1 (bug #1118339)
NOTE: https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6pvw-g552-53c5
NOTE: https://github.com/git-lfs/git-lfs/commit/0cffe93176b870055c9dadbb3cc9a4a440e98396 (main)
NOTE: https://github.com/git-lfs/git-lfs/commit/5c11ffce9a4f095ff356bc781e2a031abb46c1a8 (main)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d451c3a27793a49dfed890e49553b7bac96456c2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d451c3a27793a49dfed890e49553b7bac96456c2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251125/5a331ce2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list