[ELSA-2023-2866] git-lfs security and bug fix update

Severity Moderate

Affected Packages 1

CVEs 3

[3.2.0-2]
- Rebuild with Golang-1.19.4
- Resolves: #2163744

[3.2.0-1]
- Update to version 3.2.0
- Resolves: #2139382

[2.13.3-2]
- Define %gobuild macro with proper ldflags
- Related: rhbz#2021549

[2.13.3-1]
- Update to version 2.13.3
- Fixed round brackets in Provides
- Moved manpages.tgz to look-a-side cache
- Resolves: rhbz#2021549, rhbz#1870080, rhbz#1866441

[2.11.0-2]
- Removed mangen source file
- Cleaned docs/man folder
- Resolves: rhbz#1852842

[2.11.0-1]
- Update to version 2.11.0
- Resolves: rhbz#1783391

[2.4.1-3]
- Add pregenerated manpages, due to missing dependency 'ronn' in rhel7.

[2.4.1-2]
- Initial build for rh-git218-git-lfs-2.4.1

[2.4.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[2.4.1-1]
- Update to latest release

[2.4.0-3]
- Fix %preun to correctly remove the lfs filter on uninstall (rhbz#1580357)

[2.4.0-2]
- Add %go_arches fallback to work around Koji issues

[2.4.0-1]
- Update to latest release.

[2.3.4-6]
- Add patches to build with Go 1.10.

[2.3.4-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[2.3.4-4]
- Use vendored libraries on RHEL
- Skip test on RHEL
- Don't build man pages on RHEL due to missing ronn
- Don't build html versions of man pages

[2.3.4-3]
- Require git-core instead of git.

[2.3.4-2]
- Patch tests to work on slow systems like arm and aarch builders.
- Fix 'git lfs help' command.

[2.3.4-1]
- Update to latest release.
- Run all tests during build.

[2.2.1-3]
- Remove redundant doc tag on manpages.
- Use path macros in %post/%postun.

[2.2.1-2]
- Disable unnecessary subpackages.

[2.2.1-1]
- Update to latest version.

[2.0.2-2]
- Patch up to build with Go 1.7

[2.0.2-1]
- Update to latest release
- Add some requested macros

[2.0.1-1]
- Update to latest release
- Don't disable git-lfs globally during upgrade

[2.0.0-1]
- Update to latest release

[1.5.5-1]
- Update to latest release
- Add -devel and -unit-test-devel subpackages
- Add post/preun scriptlets for global enablement

[1.2.0-1]
- Initial package

Package	Affected Version
pkg:rpm/oraclelinux/git-lfs?distro=oraclelinux-8	< 3.2.0-2.el8

ID

ELSA-2023-2866

Severity

moderate

URL

https://linux.oracle.com/errata/ELSA-2023-2866.html

Published

2023-05-24T00:00:00
(16 months ago)

Modified

2023-05-24T00:00:00
(16 months ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2023-2866	https://linux.oracle.com/errata/ELSA-2023-2866.html
CVE	CVE-2022-2880	https://linux.oracle.com/cve/CVE-2022-2880.html
CVE	CVE-2022-41717	https://linux.oracle.com/cve/CVE-2022-41717.html
CVE	CVE-2022-41715	https://linux.oracle.com/cve/CVE-2022-41715.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:rpm/oraclelinux/git-lfs?distro=oraclelinux-8	oraclelinux	git-lfs	< 3.2.0-2.el8	oraclelinux-8

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date