mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

libgit2: update 1.7.1 -> 1.7.2

Browse Source 
Update libgit2 to pull in securtiy fixes.

Changelog summary:
- A bug in git_revparse_single is fixed that could cause a Denial of
  Service attack. This fixes CVE-2024-24575

 - A bug in git_index_add is fixed that could lead to arbitrary code execution.
   This fixes CVE-2024-24577

 - A bug in the smart transport negotiation could have caused an out-of-bounds
   read.

(From OE-Core rev: 7191dcae3853728dbb95c4901c2fdb73f9066a66)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Simone Weiß
2024-02-18 15:42:40 +00:00
committed by Richard Purdie
parent dc87dcffd3
commit 591406e756
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
meta/recipes-support/libgit2/libgit2_1.7.1.bb → meta/recipes-support/libgit2/libgit2_1.7.2.bb
View File

@@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5bdf47bbc9a39dc6ce076d59e322dc17"
DEPENDS = "curl openssl zlib libssh2 libgcrypt libpcre2"
SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.7;protocol=https"
SRCREV = "a2bde63741977ca0f4ef7db2f609df320be67a08"
SRCREV = "a418d9d4ab87bae16b87d8f37143a4687ae0e4b2"
S = "${WORKDIR}/git"