-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 21 Jan 2025 10:54:02 +0100 Source: git-lfs Architecture: source Version: 3.3.0-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Go Packaging Team Changed-By: Andrej Shadura Changes: git-lfs (3.3.0-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Apply upstream patch to fix CVE-2024-53263: - Reject LF bytes in credential data Checksums-Sha1: 56d5bfaa33479930d209e6966422afc7ed9d2bf4 2099 git-lfs_3.3.0-1+deb12u1.dsc 255d1474c437684d1fcb59e03ea549c2ec98ac97 656080 git-lfs_3.3.0.orig.tar.gz 386b76af4a349ade0bff272a76b2514e7649efe0 8040 git-lfs_3.3.0-1+deb12u1.debian.tar.xz 7aeac03ffb8eed2dffc3995b9d4a3db766ff868c 8699 git-lfs_3.3.0-1+deb12u1_source.buildinfo Checksums-Sha256: 43d3edadcb2124b3a35bb9343221233935cd7fa51c5fa635c6725e3eb9f804e7 2099 git-lfs_3.3.0-1+deb12u1.dsc d5eeb9ee33188d3dd6a391f8a39b96d271f10295129789e5b3a1ac0e9f5114f5 656080 git-lfs_3.3.0.orig.tar.gz 482cfb76c121d720401f67f262935168287efb30ca48dff8c599336d844740c0 8040 git-lfs_3.3.0-1+deb12u1.debian.tar.xz a264a164b8c5f67151170c8c32e9f7c27e9525f1bbfa20e24dbf9e59953455ea 8699 git-lfs_3.3.0-1+deb12u1_source.buildinfo Files: 9e9757300b29834a006a0b5fe07bae14 2099 vcs optional git-lfs_3.3.0-1+deb12u1.dsc 8cc2526bc455f8185e58cd0380bf9b31 656080 vcs optional git-lfs_3.3.0.orig.tar.gz 5e771c3fa47891859ea2440209a3ac62 8040 vcs optional git-lfs_3.3.0-1+deb12u1.debian.tar.xz b33aad979754f2e729f94d91531c2489 8699 vcs optional git-lfs_3.3.0-1+deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCZ5CjXQAKCRDoRGtKyMdy YbKrAQCGFmqnUClEc5gQtbMoBhyH3PwkfSHO9LltIXrQGgZjIAD8DpqyprfbFjQW qi7wg+OoXm8sFtddyEE/Si2OlVX8tg4= =pD4w -----END PGP SIGNATURE-----