Description:
This update for git-lfs fixes the following issues:
Update to 3.6.1 (boo#1235876):
This release introduces a security fix for all platforms, which
has been assigned CVE-2024-53263.
When requesting credentials from Git for a remote host, prior
versions of Git LFS passed portions of the host's URL to the
git-credential(1) command without checking for embedded
line-ending control characters, and then sent any credentials
received back from the Git credential helper to the remote host.
By inserting URL-encoded control characters such as line feed
(LF) or carriage return (CR) characters into the URL, an attacker
might have been able to retrieve a user's Git credentials.
Git LFS now prevents bare line feed (LF) characters from being
included in the values sent to the git-credential(1) command, and
also prevents bare carriage return (CR) characters from being
included unless the credential.protectProtocol configuration
option is set to a value equivalent to false.
* Bugs
- Reject bare line-ending control characters in Git credential
requests (@chrisd8088)
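The check described above for CVE-2024-53263, sketched as an added Go example; this is not Git LFS's own code. The function and error names are hypothetical, the URLs are constructed, and the `protectProtocol` parameter stands in for the credential.protectProtocol option.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// Hypothetical error values for this example.
var (
	ErrLF = errors.New("bare LF in credential value")
	ErrCR = errors.New("bare CR in credential value")
)

// checkValue always rejects LF, and rejects CR unless protectProtocol is false.
func checkValue(v string, protectProtocol bool) error {
	if strings.Contains(v, "\n") {
		return ErrLF
	}
	if protectProtocol && strings.Contains(v, "\r") {
		return ErrCR
	}
	return nil
}

// CredentialInput builds the key=value lines fed to git-credential(1) from a
// remote URL. url.Parse decodes %0A/%0D in the path, so values are checked
// after decoding and before they reach the line-oriented protocol.
func CredentialInput(rawURL string, protectProtocol bool) (string, error) {
	u, err := url.Parse(rawURL)
	if err != nil {
		return "", err
	}
	var b strings.Builder
	for _, f := range [][2]string{{"protocol", u.Scheme}, {"host", u.Host}, {"path", strings.TrimPrefix(u.Path, "/")}} {
		if err := checkValue(f[1], protectProtocol); err != nil {
			return "", fmt.Errorf("%s: %w", f[0], err)
		}
		fmt.Fprintf(&b, "%s=%s\n", f[0], f[1])
	}
	b.WriteString("\n") // a blank line terminates the request
	return b.String(), nil
}

func main() {
	// Constructed URL with an encoded line feed in the path.
	_, err := CredentialInput("https://git.example.com/org/repo.git%0Aextra", true)
	fmt.Println(err)
}
```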
Update to version 3.6.0:
- https://github.com/git-lfs/git-lfs/releases/tag/v3.6.0
Update to 3.5.1:
* Build release assets with Go 1.21 #5668 (@bk2204)
* script/packagecloud: instantiate distro map properly #5662
(@bk2204)
* Install msgfmt on Windows in CI and release workflows
#5666 (@chrisd8088)
Update to version 3.4.1:
- https://github.com/git-lfs/git-lfs/releases/tag/v3.4.1