From: Simone Weiß <[email protected]> Update libgit2 to pull in securtiy fixes.
Changelog summary: - A bug in git_revparse_single is fixed that could cause a Denial of Service attack. This fixes CVE-2024-24575 - A bug in git_index_add is fixed that could lead to arbitrary code execution. This fixes CVE-2024-24577 - A bug in the smart transport negotiation could have caused an out-of-bounds read. Signed-off-by: Simone Weiß <[email protected]> --- .../libgit2/{libgit2_1.7.1.bb => libgit2_1.7.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-support/libgit2/{libgit2_1.7.1.bb => libgit2_1.7.2.bb} (92%) diff --git a/meta/recipes-support/libgit2/libgit2_1.7.1.bb b/meta/recipes-support/libgit2/libgit2_1.7.2.bb similarity index 92% rename from meta/recipes-support/libgit2/libgit2_1.7.1.bb rename to meta/recipes-support/libgit2/libgit2_1.7.2.bb index 92af0b8454..d1629c0c0b 100644 --- a/meta/recipes-support/libgit2/libgit2_1.7.1.bb +++ b/meta/recipes-support/libgit2/libgit2_1.7.2.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5bdf47bbc9a39dc6ce076d59e322dc17" DEPENDS = "curl openssl zlib libssh2 libgcrypt libpcre2" SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.7;protocol=https" -SRCREV = "a2bde63741977ca0f4ef7db2f609df320be67a08" +SRCREV = "a418d9d4ab87bae16b87d8f37143a4687ae0e4b2" S = "${WORKDIR}/git" -- 2.39.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#195834): https://lists.openembedded.org/g/openembedded-core/message/195834 Mute This Topic: https://lists.openembedded.org/mt/104429116/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
