openwrt/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2026-05-31 06:51:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

git-lfs: update to 3.7.1

Browse Source 
Fixes symlink traversal vulnerability (CVE-2025-26625) that allowed
writing files outside the repository on checkout/pull.

Other changes since 3.5.1:
- Add --refetch option to force re-download of LFS objects
- Add --json and --dry-run options for fetch operations
- Improve .netrc handling on Windows and macOS root CA support
- Upgrade to Go 1.25 (requires Linux kernel 3.2+)

Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
This commit is contained in:
Alexandru Ardelean
2026-04-22 12:12:17 +03:00
committed by Alexandru Ardelean
parent 5b4edd1277
commit f662de1b96
2 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/git-lfs/Makefile
+2 -2
View File
@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=git-lfs
PKG_VERSION:=3.5.1
PKG_VERSION:=3.7.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/git-lfs/git-lfs/releases/download/v$(PKG_VERSION)
PKG_HASH:=fc19c7316e80a6ef674aa4e1863561c1263cd4ce0588b9989e4be9461664d752
PKG_HASH:=8f56058622edfea1d111e50e9844ef2f5ce670b2dbe4d55d48e765c943af4351
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
PKG_LICENSE:=MIT
net/git-lfs/test.sh
+12 -1
View File
@@ -1,3 +1,14 @@
#!/bin/sh
git-lfs --version|grep "$2"
[ "$1" = "git-lfs" ] || exit 0
# Verify git-lfs registers itself as a git extension and core commands work
git lfs help 2>&1 | grep -q "track"
# Verify git-lfs env shows it is wired into git
git lfs env 2>&1 | grep -qi "git\|lfs\|endpoint"
# Verify key subcommands are available
git lfs help track 2>&1 | grep -qi "track"
git lfs help push 2>&1 | grep -qi "push"
git lfs help pull 2>&1 | grep -qi "pull"