From: Simone Weiß <simone.p.weiss@posteo.com>
Date: Sun, 18 Feb 2024 15:42:40 +0000 (+0000)
Subject: libgit2: update 1.7.1 -> 1.7.2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7191dcae3853728dbb95c4901c2fdb73f9066a66;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

libgit2: update 1.7.1 -> 1.7.2

Update libgit2 to pull in securtiy fixes.

Changelog summary:
- A bug in git_revparse_single is fixed that could cause a Denial of
  Service attack. This fixes CVE-2024-24575

 - A bug in git_index_add is fixed that could lead to arbitrary code execution.
   This fixes CVE-2024-24577

 - A bug in the smart transport negotiation could have caused an out-of-bounds
   read.

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-support/libgit2/libgit2_1.7.1.bb b/meta/recipes-support/libgit2/libgit2_1.7.2.bb
similarity index 92%
rename from meta/recipes-support/libgit2/libgit2_1.7.1.bb
rename to meta/recipes-support/libgit2/libgit2_1.7.2.bb
index 92af0b84540..d1629c0c0ba 100644
--- a/meta/recipes-support/libgit2/libgit2_1.7.1.bb
+++ b/meta/recipes-support/libgit2/libgit2_1.7.2.bb
@@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5bdf47bbc9a39dc6ce076d59e322dc17"
 DEPENDS = "curl openssl zlib libssh2 libgcrypt libpcre2"
 
 SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.7;protocol=https"
-SRCREV = "a2bde63741977ca0f4ef7db2f609df320be67a08"
+SRCREV = "a418d9d4ab87bae16b87d8f37143a4687ae0e4b2"
 
 S = "${WORKDIR}/git"