projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 760fbe7) | patch
libgit2: security bump to version 0.27.4
authorBaruch Siach <baruch@tkos.co.il>
Tue, 7 Aug 2018 05:33:20 +0000 (08:33 +0300)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 8 Aug 2018 14:20:10 +0000 (16:20 +0200)
commitfffc281e6ecd7c460869e6098b30928334eb8b10
tree1834175082b9e54f45beeaaac968ce7144facea1tree
parent760fbe789c77571b2baf1ddbb3b10207ece7fd7acommit | diff
libgit2: security bump to version 0.27.4

Fixes CVE-2018-10887 and CVE-2018-10888: out-of-bounds reads when
reading objects from a packfile.

Also fixes out-of-bounds reads when processing smart-protocol "ng"
packets (no known CVE yet).

Drop upstream patch.

Cc: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-By: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libgit2/0001-Fix-build-with-LibreSSL-2.7.patch [deleted file] blob | history
package/libgit2/libgit2.hash diff | blob | history
package/libgit2/libgit2.mk diff | blob | history