diff mbox series

[1/2] libgit2: update 1.7.1 -> 1.7.2

Message ID 20240218154240.1650484-1-simone.p.weiss@posteo.com
State Accepted, archived
Commit 7191dcae3853728dbb95c4901c2fdb73f9066a66
Headers show
Series [1/2] libgit2: update 1.7.1 -> 1.7.2 | expand

Commit Message

Simone Weiß Feb. 18, 2024, 3:42 p.m. UTC 
From: Simone Weiß <simone.p.weiss@posteo.com>

Update libgit2 to pull in securtiy fixes.

Changelog summary:
- A bug in git_revparse_single is fixed that could cause a Denial of
  Service attack. This fixes CVE-2024-24575

 - A bug in git_index_add is fixed that could lead to arbitrary code execution.
   This fixes CVE-2024-24577

 - A bug in the smart transport negotiation could have caused an out-of-bounds
   read.

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
---
 .../libgit2/{libgit2_1.7.1.bb => libgit2_1.7.2.bb}              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-support/libgit2/{libgit2_1.7.1.bb => libgit2_1.7.2.bb} (92%)
diff mbox series

Patch

diff --git a/meta/recipes-support/libgit2/libgit2_1.7.1.bb b/meta/recipes-support/libgit2/libgit2_1.7.2.bb
similarity index 92%
rename from meta/recipes-support/libgit2/libgit2_1.7.1.bb
rename to meta/recipes-support/libgit2/libgit2_1.7.2.bb
index 92af0b8454..d1629c0c0b 100644
--- a/meta/recipes-support/libgit2/libgit2_1.7.1.bb
+++ b/meta/recipes-support/libgit2/libgit2_1.7.2.bb
@@ -6,7 +6,7 @@  LIC_FILES_CHKSUM = "file://COPYING;md5=5bdf47bbc9a39dc6ce076d59e322dc17"
 DEPENDS = "curl openssl zlib libssh2 libgcrypt libpcre2"
 
 SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.7;protocol=https"
-SRCREV = "a2bde63741977ca0f4ef7db2f609df320be67a08"
+SRCREV = "a418d9d4ab87bae16b87d8f37143a4687ae0e4b2"
 
 S = "${WORKDIR}/git"