NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/libgit2: security bump to version 1.7.2

Browse Source 
Fixes the following security issues:

- CVE-2024-24575 (infinite loop DoS on revision lookup) and
- CVE-2024-24577 (heap out of bound write on index update)

https://github.com/libgit2/libgit2/releases/tag/v1.7.2

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b7eb1dcbb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Nicolas Cavallari 2024-03-14 13:27:34 +01:00 committed by Peter Korsgaard
parent b0444f7e3b
commit d8b3d4bf26
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/libgit2/libgit2.hash
View File

@ -1,3 +1,3 @@
# Locally calculated
sha256 17d2b292f21be3892b704dddff29327b3564f96099a1c53b00edc23160c71327 libgit2-1.7.1.tar.gz
sha256 de384e29d7efc9330c6cdb126ebf88342b5025d920dcb7c645defad85195ea7f libgit2-1.7.2.tar.gz
sha256 6f3c2cd59b057e366c1acc073b038135c52d77892bb33bd4d931c5369d3f062b COPYING

2
package/libgit2/libgit2.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LIBGIT2_VERSION = 1.7.1
LIBGIT2_VERSION = 1.7.2
LIBGIT2_SITE = $(call github,libgit2,libgit2,v$(LIBGIT2_VERSION))
LIBGIT2_LICENSE = \
GPL-2.0 with linking exception, \