红帽产品勘误 RHSA-2026:14200 - Security Advisory
发布:
2026-05-06
已更新:
2026-05-06

RHSA-2026:14200 - Security Advisory

概述

Important: git-lfs security update

类型/严重性

Security Advisory: Important

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for git-lfs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.

Security Fix(es):

  • golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
  • crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
  • crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x

修复

  • BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
  • BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
  • BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

Red Hat Enterprise Linux for x86_64 9

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
x86_64
git-lfs-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: b378209fce43e61bd10a9e2ee7b32992169e1e9afff3f3d940a427481cec52f8
git-lfs-debuginfo-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: c43e8825ea67e015414da04262c8ab66d649409d7c3add1084be106d2a4884e0
git-lfs-debugsource-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: a60c3cac8dd9fef18010b0cbeecbd9c0396f600fe5c3962f849ef057c61fd7b6

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
x86_64
git-lfs-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: b378209fce43e61bd10a9e2ee7b32992169e1e9afff3f3d940a427481cec52f8
git-lfs-debuginfo-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: c43e8825ea67e015414da04262c8ab66d649409d7c3add1084be106d2a4884e0
git-lfs-debugsource-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: a60c3cac8dd9fef18010b0cbeecbd9c0396f600fe5c3962f849ef057c61fd7b6

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
s390x
git-lfs-3.6.1-8.el9_7.1.s390x.rpm SHA-256: 0b0d9d94ca63344adc2b2d4c010a04b54b38842eabfca27b395d7905dddc55c2
git-lfs-debuginfo-3.6.1-8.el9_7.1.s390x.rpm SHA-256: bf92b046a81438beff5f24200261e3e077ba637da02a1362864e495f8cc89df9
git-lfs-debugsource-3.6.1-8.el9_7.1.s390x.rpm SHA-256: d123fa08dbc88f7533f918b81d772f5e1b2c12b5bace963505dbb5f44df81350

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
s390x
git-lfs-3.6.1-8.el9_7.1.s390x.rpm SHA-256: 0b0d9d94ca63344adc2b2d4c010a04b54b38842eabfca27b395d7905dddc55c2
git-lfs-debuginfo-3.6.1-8.el9_7.1.s390x.rpm SHA-256: bf92b046a81438beff5f24200261e3e077ba637da02a1362864e495f8cc89df9
git-lfs-debugsource-3.6.1-8.el9_7.1.s390x.rpm SHA-256: d123fa08dbc88f7533f918b81d772f5e1b2c12b5bace963505dbb5f44df81350

Red Hat Enterprise Linux for Power, little endian 9

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
ppc64le
git-lfs-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 8f1f57c1b395a7827f5f177ad1de45ef4c9859be93c5552976111b563ced1c95
git-lfs-debuginfo-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: b00fbbda320d7b19af6cbd48a1a71961f5f59eea02395676a5a597b6815dbfb3
git-lfs-debugsource-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 0d54ef6aaea5c46a58cb59d4f66543743f3f5c5848b071ddaf3caa4cf460c397

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
ppc64le
git-lfs-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 8f1f57c1b395a7827f5f177ad1de45ef4c9859be93c5552976111b563ced1c95
git-lfs-debuginfo-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: b00fbbda320d7b19af6cbd48a1a71961f5f59eea02395676a5a597b6815dbfb3
git-lfs-debugsource-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 0d54ef6aaea5c46a58cb59d4f66543743f3f5c5848b071ddaf3caa4cf460c397

Red Hat Enterprise Linux for ARM 64 9

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
aarch64
git-lfs-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: ff8e1a9a4811d4cae7c871b35c17b99b2d5e3b7bbfe552cd5f74e09dad409082
git-lfs-debuginfo-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 75b304ef21e402a6e2e302bcb9454caf08269684ec80b765828599e9fbd21d08
git-lfs-debugsource-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 927302cea77ef1de8c28dab483b5ccc450231e891b776411926ac13bb3d90e49

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
aarch64
git-lfs-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: ff8e1a9a4811d4cae7c871b35c17b99b2d5e3b7bbfe552cd5f74e09dad409082
git-lfs-debuginfo-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 75b304ef21e402a6e2e302bcb9454caf08269684ec80b765828599e9fbd21d08
git-lfs-debugsource-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 927302cea77ef1de8c28dab483b5ccc450231e891b776411926ac13bb3d90e49

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
ppc64le
git-lfs-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 8f1f57c1b395a7827f5f177ad1de45ef4c9859be93c5552976111b563ced1c95
git-lfs-debuginfo-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: b00fbbda320d7b19af6cbd48a1a71961f5f59eea02395676a5a597b6815dbfb3
git-lfs-debugsource-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 0d54ef6aaea5c46a58cb59d4f66543743f3f5c5848b071ddaf3caa4cf460c397

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
x86_64
git-lfs-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: b378209fce43e61bd10a9e2ee7b32992169e1e9afff3f3d940a427481cec52f8
git-lfs-debuginfo-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: c43e8825ea67e015414da04262c8ab66d649409d7c3add1084be106d2a4884e0
git-lfs-debugsource-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: a60c3cac8dd9fef18010b0cbeecbd9c0396f600fe5c3962f849ef057c61fd7b6

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
aarch64
git-lfs-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: ff8e1a9a4811d4cae7c871b35c17b99b2d5e3b7bbfe552cd5f74e09dad409082
git-lfs-debuginfo-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 75b304ef21e402a6e2e302bcb9454caf08269684ec80b765828599e9fbd21d08
git-lfs-debugsource-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 927302cea77ef1de8c28dab483b5ccc450231e891b776411926ac13bb3d90e49

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
s390x
git-lfs-3.6.1-8.el9_7.1.s390x.rpm SHA-256: 0b0d9d94ca63344adc2b2d4c010a04b54b38842eabfca27b395d7905dddc55c2
git-lfs-debuginfo-3.6.1-8.el9_7.1.s390x.rpm SHA-256: bf92b046a81438beff5f24200261e3e077ba637da02a1362864e495f8cc89df9
git-lfs-debugsource-3.6.1-8.el9_7.1.s390x.rpm SHA-256: d123fa08dbc88f7533f918b81d772f5e1b2c12b5bace963505dbb5f44df81350

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
x86_64
git-lfs-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: b378209fce43e61bd10a9e2ee7b32992169e1e9afff3f3d940a427481cec52f8
git-lfs-debuginfo-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: c43e8825ea67e015414da04262c8ab66d649409d7c3add1084be106d2a4884e0
git-lfs-debugsource-3.6.1-8.el9_7.1.x86_64.rpm SHA-256: a60c3cac8dd9fef18010b0cbeecbd9c0396f600fe5c3962f849ef057c61fd7b6

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
aarch64
git-lfs-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: ff8e1a9a4811d4cae7c871b35c17b99b2d5e3b7bbfe552cd5f74e09dad409082
git-lfs-debuginfo-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 75b304ef21e402a6e2e302bcb9454caf08269684ec80b765828599e9fbd21d08
git-lfs-debugsource-3.6.1-8.el9_7.1.aarch64.rpm SHA-256: 927302cea77ef1de8c28dab483b5ccc450231e891b776411926ac13bb3d90e49

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
ppc64le
git-lfs-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 8f1f57c1b395a7827f5f177ad1de45ef4c9859be93c5552976111b563ced1c95
git-lfs-debuginfo-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: b00fbbda320d7b19af6cbd48a1a71961f5f59eea02395676a5a597b6815dbfb3
git-lfs-debugsource-3.6.1-8.el9_7.1.ppc64le.rpm SHA-256: 0d54ef6aaea5c46a58cb59d4f66543743f3f5c5848b071ddaf3caa4cf460c397

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8

SRPM
git-lfs-3.6.1-8.el9_7.1.src.rpm SHA-256: 6fd0634f3d7343031d07196deb746d9f0550d01a03dadc543a840fcb83be08da
s390x
git-lfs-3.6.1-8.el9_7.1.s390x.rpm SHA-256: 0b0d9d94ca63344adc2b2d4c010a04b54b38842eabfca27b395d7905dddc55c2
git-lfs-debuginfo-3.6.1-8.el9_7.1.s390x.rpm SHA-256: bf92b046a81438beff5f24200261e3e077ba637da02a1362864e495f8cc89df9
git-lfs-debugsource-3.6.1-8.el9_7.1.s390x.rpm SHA-256: d123fa08dbc88f7533f918b81d772f5e1b2c12b5bace963505dbb5f44df81350

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/