
RHSA-2026:19350: Important: git-lfs security update

This update addresses multiple vulnerabilities in git-lfs for RHEL 9, including a high-severity denial-of-service flaw in Go's TLS 1.3 implementation (CVE-2026-32283, CVSS 7.5) triggered by multiple key update messages, and an incorrect IPv6 host parsing issue (CVE-2026-25679, CVSS 7.5). The underlying Go runtime fixes are included in versions 1.25.8 and 1.25.9, or 1.26.2. Red Hat Product Security has rated this update as Important.

Red Hat Product Errata: RHSA-2026:19350 - Security Advisory
Issued: 2026-05-19
Updated: 2026-05-19

Synopsis: Important: git-lfs security update
Type/Severity: Security Advisory: Important

Topic

An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.

Security Fix(es):
* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products

* Red Hat Enterprise Linux for x86_64 9 x86_64
* Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64
* Red Hat Enterprise Linux for IBM z Systems 9 s390x
* Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x
* Red Hat Enterprise Linux for Power, little endian 9 ppc64le
* Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le
* Red Hat Enterprise Linux for ARM 64 9 aarch64
* Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64
* Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le
* Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64
* Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64
* Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x
* Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64
* Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64
* Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le
* Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x

Fixes

* BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url
* BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
* BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
* BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

CVEs

* CVE-2026-25679
* CVE-2026-32280
* CVE-2026-32282
* CVE-2026-32283

References

* https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
Updated packages: git-lfs-3.7.1-4.el9_8 (source RPM), with git-lfs, git-lfs-debuginfo and git-lfs-debugsource 3.7.1-4.el9_8 binary RPMs for x86_64, s390x, ppc64le and aarch64.
