package/libgit2: security bump to version 1.7.2
Fixes the following security issues:
- CVE-2024-24575 (infinite loop DoS on revision lookup) and
- CVE-2024-24577 (heap out of bound write on index update)
https://github.com/libgit2/libgit2/releases/tag/v1.7.2
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b7eb1dcbb6
)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
parent
b0444f7e3b
commit
d8b3d4bf26
@ -1,3 +1,3 @@
|
|||||||
# Locally calculated
|
# Locally calculated
|
||||||
sha256 17d2b292f21be3892b704dddff29327b3564f96099a1c53b00edc23160c71327 libgit2-1.7.1.tar.gz
|
sha256 de384e29d7efc9330c6cdb126ebf88342b5025d920dcb7c645defad85195ea7f libgit2-1.7.2.tar.gz
|
||||||
sha256 6f3c2cd59b057e366c1acc073b038135c52d77892bb33bd4d931c5369d3f062b COPYING
|
sha256 6f3c2cd59b057e366c1acc073b038135c52d77892bb33bd4d931c5369d3f062b COPYING
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
#
|
#
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
LIBGIT2_VERSION = 1.7.1
|
LIBGIT2_VERSION = 1.7.2
|
||||||
LIBGIT2_SITE = $(call github,libgit2,libgit2,v$(LIBGIT2_VERSION))
|
LIBGIT2_SITE = $(call github,libgit2,libgit2,v$(LIBGIT2_VERSION))
|
||||||
LIBGIT2_LICENSE = \
|
LIBGIT2_LICENSE = \
|
||||||
GPL-2.0 with linking exception, \
|
GPL-2.0 with linking exception, \
|
||||||
|
Loading…
Reference in New Issue
Block a user