Red Hat Product Errata RHSA-2026:20584 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20584 - Security Advisory Overview Updated Packages Synopsis Important: git-lfs security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for git-lfs is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url CVEs CVE-2026-25679 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM git-lfs-3.2.0-2.el8_8.7.src.rpm SHA-256: bb80ce50bb96d92806dce684dc76e709a87d39c4f7642ae292aab7504b304abe x86_64 git-lfs-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: c88b302bf0527615ca46435da87e47554b9a8224ff7d4aed76865deb75fed54a git-lfs-debuginfo-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: 4400831be6794477a33f4542d979e20347aa00c483b4287bd00ff1afb2700afd git-lfs-debugsource-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: c3fd50abd49dd3a87457565d3cc66d5cd7c0353daf629e9c1cedb76d704dd799 Red Hat Enterprise Linux Server - TUS 8.8 SRPM git-lfs-3.2.0-2.el8_8.7.src.rpm SHA-256: bb80ce50bb96d92806dce684dc76e709a87d39c4f7642ae292aab7504b304abe x86_64 git-lfs-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: c88b302bf0527615ca46435da87e47554b9a8224ff7d4aed76865deb75fed54a git-lfs-debuginfo-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: 4400831be6794477a33f4542d979e20347aa00c483b4287bd00ff1afb2700afd git-lfs-debugsource-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: c3fd50abd49dd3a87457565d3cc66d5cd7c0353daf629e9c1cedb76d704dd799 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM git-lfs-3.2.0-2.el8_8.7.src.rpm SHA-256: bb80ce50bb96d92806dce684dc76e709a87d39c4f7642ae292aab7504b304abe ppc64le git-lfs-3.2.0-2.el8_8.7.ppc64le.rpm SHA-256: d6b860aac90d0f21f0d690e3d58e2cad1c3ea2547a10b7c72374ff57fffd133c git-lfs-debuginfo-3.2.0-2.el8_8.7.ppc64le.rpm SHA-256: a7fe7e802003774eb9a9cb50ff4982fda9de338b34ab6902aab9ac0a3c42e729 git-lfs-debugsource-3.2.0-2.el8_8.7.ppc64le.rpm SHA-256: bce09226017a3f4b2c9241054c3f62797879169dfdadab1f5f487765d78566b9 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM git-lfs-3.2.0-2.el8_8.7.src.rpm SHA-256: bb80ce50bb96d92806dce684dc76e709a87d39c4f7642ae292aab7504b304abe x86_64 git-lfs-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: c88b302bf0527615ca46435da87e47554b9a8224ff7d4aed76865deb75fed54a git-lfs-debuginfo-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: 4400831be6794477a33f4542d979e20347aa00c483b4287bd00ff1afb2700afd git-lfs-debugsource-3.2.0-2.el8_8.7.x86_64.rpm SHA-256: c3fd50abd49dd3a87457565d3cc66d5cd7c0353daf629e9c1cedb76d704dd799 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .