]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 40cd768) | patch
libgit2: update 1.7.1 -> 1.7.2
authorSimone Weiß <simone.p.weiss@posteo.com>
Sun, 18 Feb 2024 15:42:40 +0000 (15:42 +0000)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sun, 18 Feb 2024 22:02:23 +0000 (22:02 +0000)
commit7191dcae3853728dbb95c4901c2fdb73f9066a66
tree90835cb778998ca651e1828573b32f4b711e6c92tree
parent40cd768368167f81de5bb55e9ff0584035f4c1b4commit | diff
libgit2: update 1.7.1 -> 1.7.2

Update libgit2 to pull in securtiy fixes.

Changelog summary:
- A bug in git_revparse_single is fixed that could cause a Denial of
  Service attack. This fixes CVE-2024-24575

 - A bug in git_index_add is fixed that could lead to arbitrary code execution.
   This fixes CVE-2024-24577

 - A bug in the smart transport negotiation could have caused an out-of-bounds
   read.

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/libgit2/libgit2_1.7.2.bb [moved from meta/recipes-support/libgit2/libgit2_1.7.1.bb with 92% similarity] diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core