Name of the Vulnerable Software and Affected Versions git-annex versions prior to 6.20160419

Description A bug in git-annex exposed the checksum of annexed files to encrypted special remotes, which should not have access to this information. This issue occurred when resuming uploads to the encrypted special remote and is considered a low-severity security hole.

Recommendations For versions prior to 6.20160419, update to git-annex version 6.20160419 to resolve the issue. As a temporary workaround, consider avoiding resuming uploads to encrypted special remotes until the update is applied.