./devel/libgit2, Portable, pure C implementation of the Git core methods


Branch: CURRENT, Version: 0.27.4, Package name: libgit2-0.27.4, Maintainer: pkgsrc-users

libgit2 is a portable, pure C implementation of the Git core methods provided as
a re-entrant linkable library with a solid API, allowing you to write native
speed custom Git applications in any language which supports C bindings.

Required to run:
[www/curl] [security/libssh2] [lang/python27] [www/http-parser]

Required to build:

Master sites:

SHA1: 47392972e2c9689dbce0cf68b1e678fcc9915c2a
RMD160: 6efb878890e638d2f780f80351827a46b0a63510
Filesize: 4660.404 KB

CVS history:

   2018-09-23 17:11:43 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/libgit2: update to 0.27.4


This is a security release fixing out-of-bounds reads when
processing smart-protocol "ng" packets.

When parsing an "ng" packet, we keep track of both the current position
as well as the remaining length of the packet itself. But instead of
taking care not to exceed the length, we pass the current pointer's
position to `strchr`, which will search for a certain character until
hitting NUL. It is thus possible to create a crafted packet which
doesn't contain a NUL byte to trigger an out-of-bounds read.

The issue was discovered by the oss-fuzz project, issue 9406.


This is a security release fixing out-of-bounds reads when
reading objects from a packfile. This corresponds to
CVE-2018-10887 and CVE-2018-10888, which were both reported by
Riccardo Schirone.

When packing objects into a single so-called packfile, objects
may not get stored as complete copies but instead as deltas
against another object "base". A specially crafted delta object
could trigger an integer overflow and thus bypass our input
validation, which may result in copying memory before or after
the base object into the final deflated object. This may lead to
objects containing copies of system memory being written into the
object database. As the hash of those objects cannot be easily
controlled by the attacker, it is unlikely that any of those
objects will be valid and referenced by the commit graph.

Note that the error could also be triggered by the function
`git_apply__patch`. But as this function is not in use outside of
our test suite, it is not a possible attack vector.
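The two parsing mistakes described in this log message, a delimiter search that is not bounded by the packet length and a range check that an integer overflow can bypass, each beside a bounded version. This is an added illustration, not libgit2's code: the "ng" line layout (`ng`, space, refname, space, reason), the function names, and the copy-instruction shape are assumptions for the demo.

```c
/* Added illustrative example, not libgit2's own code. Function names and
 * the assumed "ng <refname> <reason>" layout are constructed for this demo. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bounded search: look for `c` only within the `len` bytes of the packet.
 * memchr stops at len, while strchr would keep reading until it finds a NUL,
 * which a crafted packet may simply not contain. */
static const char *find_in_packet(const char *buf, size_t len, char c)
{
    return memchr(buf, c, len);
}

/* Parse an "ng <refname> <reason>" line that is NOT NUL-terminated.
 * Returns 0 and fills the refname/reason views on success, -1 if malformed. */
int parse_ng_line(const char *line, size_t len,
                  const char **ref, size_t *ref_len,
                  const char **reason, size_t *reason_len)
{
    const char *sp;

    if (len < 3 || memcmp(line, "ng ", 3) != 0)
        return -1;
    line += 3;
    len -= 3;

    sp = find_in_packet(line, len, ' ');
    if (sp == NULL)
        return -1;   /* no delimiter inside the packet: reject instead of reading on */

    *ref = line;
    *ref_len = (size_t)(sp - line);
    *reason = sp + 1;
    *reason_len = len - *ref_len - 1;
    return 0;
}

/* Delta "copy" instruction: copy `size` bytes starting at `off` in the base.
 * The naive check below wraps when off + size overflows, so it can accept a
 * range that starts inside the base object and ends far outside it. */
int delta_copy_in_bounds_naive(size_t base_len, size_t off, size_t size)
{
    return off + size <= base_len;   /* accepts off = base_len - 1, size = SIZE_MAX */
}

/* Check each operand against the bound so nothing can wrap. */
int delta_copy_in_bounds(size_t base_len, size_t off, size_t size)
{
    if (off > base_len)
        return 0;
    if (size > base_len - off)   /* same meaning as off + size > base_len, without wrap */
        return 0;
    return 1;
}

int main(void)
{
    /* Constructed sample: a packet line with no terminating NUL byte. */
    const char pkt[] = "ng refs/heads/main denied";
    const char *ref, *reason;
    size_t ref_len, reason_len;

    if (parse_ng_line(pkt, strlen(pkt), &ref, &ref_len, &reason, &reason_len) == 0)
        printf("ref=%.*s reason=%.*s\n", (int)ref_len, ref, (int)reason_len, reason);

    printf("naive check on wrapping range: %d\n",
           delta_copy_in_bounds_naive(100, 99, SIZE_MAX));
    printf("bounded check on wrapping range: %d\n",
           delta_copy_in_bounds(100, 99, SIZE_MAX));
    return 0;
}
```

The point of the second pair of functions is that the fix is not "add a check" but "write the check in a form that cannot overflow": subtracting the already validated offset from the base length keeps every intermediate value in range.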
   2018-08-16 20:55:17 by Adam Ciarcinski | Files touched by this commit (653) | Package updated
Log message:
revbump after boost-libs update
   2018-06-05 20:48:23 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
libgit2: update to 0.27.1.


This is a security release fixing insufficient validation of submodule names
(CVE-2018-11235, reported by Etienne Stalmans) and disallows `.gitmodules` files
as symlinks.

While submodule names come from the untrusted ".gitmodules" file, we
append the name to "$GIT_DIR/modules" to construct the final path of the
submodule repository. In case the name contains e.g. "../", an adversary
would be able to escape your repository and write data at arbitrary paths. In
accordance with git, we now enforce some rules for submodule names which will
cause libgit2 to ignore these malicious names.

Adding a symlink as `.gitmodules` into the index from the workdir or checking
out such files is not allowed as this can make a Git implementation write
outside of the repository and bypass the `fsck` checks for CVE-2018-11235.

libgit2 is not susceptible to CVE-2018-11233.
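The submodule-name rule from the 0.27.1 notes, as an added example that is not libgit2's code: a name is only appended to "$GIT_DIR/modules" after every path component has been checked. The exact rule set (reject empty names, absolute paths, and any "." or ".." component) and the function names are assumptions modelled on the description above, not the project's implementation.

```c
/* Added example, not libgit2's code. The rule set and names are assumptions
 * modelled on the release note: reject empty names, absolute paths, and any
 * "." or ".." path component, so the joined path stays under modules/. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static int component_is_dot_or_dotdot(const char *start, size_t n)
{
    return (n == 1 && start[0] == '.') ||
           (n == 2 && start[0] == '.' && start[1] == '.');
}

/* Returns 1 if `name` is safe to join under "$GIT_DIR/modules", else 0.
 * Both '/' and '\\' are treated as separators so a backslash cannot hide
 * a ".." component on platforms that accept either. */
int submodule_name_is_valid(const char *name)
{
    const char *p = name;

    if (name == NULL || *name == '\0')
        return 0;
    if (*name == '/' || *name == '\\')
        return 0;   /* absolute path would ignore the modules/ prefix entirely */

    while (*p) {
        const char *end = p;
        while (*end && *end != '/' && *end != '\\')
            end++;
        if (component_is_dot_or_dotdot(p, (size_t)(end - p)))
            return 0;
        p = *end ? end + 1 : end;
    }
    return 1;
}

/* Build "<gitdir>/modules/<name>" only for a validated name.
 * Returns the length written, or -1 if the name is rejected or does not fit. */
int submodule_path(char *out, size_t outsz, const char *gitdir, const char *name)
{
    int n;

    if (!submodule_name_is_valid(name))
        return -1;
    n = snprintf(out, outsz, "%s/modules/%s", gitdir, name);
    if (n < 0 || (size_t)n >= outsz)
        return -1;
    return n;
}

int main(void)
{
    /* Constructed sample names, not taken from any real .gitmodules file. */
    const char *samples[] = { "libfoo", "vendor/libfoo", "../escape", "a/../b", "" };
    char buf[256];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int n = submodule_path(buf, sizeof buf, "/repo/.git", samples[i]);
        printf("%-16s -> %s\n", samples[i], n < 0 ? "rejected" : buf);
    }
    return 0;
}
```

Validating the name before joining, rather than normalising the joined path afterwards, mirrors the note's approach: a rejected name is simply ignored, so no path outside the repository is ever constructed.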
   2018-04-29 23:32:09 by Adam Ciarcinski | Files touched by this commit (629) | Package updated
Log message:
revbump for boost-libs update
   2018-04-17 12:50:24 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
libgit2: update to 0.27.0.


### Changes or improvements

* Improved `p_unlink` in `posix_w32.c` to try and make a file writable
  before sleeping in the retry loop to prevent unnecessary calls to sleep.

* The CMake build infrastructure has been improved to speed up building time.

* A new CMake option "-DUSE_HTTPS=<backend>" makes it possible to explicitly
  choose an HTTP backend.

* A new CMake option "-DSHA1_BACKEND=<backend>" makes it possible to explicitly
  choose an SHA1 backend. The collision-detecting backend is now the default.

* A new CMake option "-DUSE_BUNDLED_ZLIB" makes it possible to explicitly use
  the bundled zlib library.

* A new CMake option "-DENABLE_REPRODUCIBLE_BUILDS" makes it possible to
  generate a reproducible static archive. This requires support from your

* The minimum required CMake version has been bumped to 2.8.11.

* Writing to a configuration file now preserves the case of the key given by the
  caller for the case-insensitive portions of the key (existing sections are
  used even if they don't match).

* We now support conditional includes in configuration files.

* Fix for handling re-reading of configuration files with includes.

* Fix for reading patches which contain exact renames only.

* Fix for reading patches with whitespace in the compared files' paths.

* We will now fill `FETCH_HEAD` from all passed refspecs instead of overwriting
  with the last one.

* There is a new diff option, `GIT_DIFF_INDENT_HEURISTIC` which activates a
  heuristic which takes into account whitespace and indentation in order to
  produce better diffs when dealing with ambiguous diff hunks.

* Fix for pattern-based ignore rules where files ignored by a rule cannot be
  un-ignored by another rule.

* Sockets opened by libgit2 are now being closed on exec(3) if the platform
  supports it.

* Fix for peeling annotated tags from packed-refs files.

* Fix reading huge loose objects from the object database.

* Fix files not being treated as modified when only the file mode has changed.

* We now explicitly reject adding submodules to the index via

* Fix handling of `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` raising `SIGABRT` when
  one file has been deleted and another file has been rewritten.

* Fix for WinHTTP not properly handling NTLM and Negotiate challenges.

* When using SSH-based transports, we now repeatedly ask for the passphrase to
  decrypt the private key in case a wrong passphrase is being provided.

* When generating conflict markers, they will now use the same line endings as
  the rest of the file.

### API additions

* The `git_merge_file_options` structure now contains a new setting,
  `marker_size`.  This allows users to set the size of markers that
  delineate the sides of merged files in the output conflict file.
  By default this is 7 (`GIT_MERGE_CONFLICT_MARKER_SIZE`), which
  produces output markers like `<<<<<<<` and

* `git_remote_create_detached()` creates a remote that is not associated
  to any repository (and does not apply configuration like 'insteadof' rules).
  This is mostly useful for e.g. emulating `git ls-remote` behavior.

* `git_diff_patchid()` lets you generate patch IDs for diffs.

* `git_status_options` now has an additional field `baseline` to allow creating
  status lists against different trees.

* New family of functions to allow creating notes for a specific notes commit
  instead of for a notes reference.

* New family of functions to allow parsing message trailers. This API is still
  experimental and may change in future releases.

### API removals

### Breaking API changes

* Signatures now distinguish between +0000 and -0000 UTC offsets.

* The certificate check callback in the WinHTTP transport will now receive the
  `message_cb_payload` instead of the `cred_acquire_payload`.

* We are now reading symlinked directories under .git/refs.

* We now refuse creating branches named "HEAD".

* We now refuse reading and writing all-zero object IDs into the
  object database.

* We now read the effective user's configuration file instead of the real user's
  configuration in case libgit2 runs as part of a setuid binary.

* The `git_odb_open_rstream` function and its `readstream` callback in the
  `git_odb_backend` interface have changed their signatures to allow providing
  the object's size and type to the caller.
   2018-03-25 10:23:50 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 0.26.3

* Fix some security bugs

This is a bugfix release. It includes the following non-exclusive list of
improvements, which have been backported from the master branch:

    Fix cloning of the libgit2 project with git clone --recursive by removing an
    invalid submodule from our testing data.

    Fix endianness of the port in p_getaddrinfo().

    Fix handling of negative gitignore rules with wildcards.

    Fix handling of case-insensitive negative gitignore rules.

    Fix resolving references to a tag if the reference is stored with its fully
    resolved OID in the packed-refs file.

    Fix checkout not treating worktree files as modified when only their mode has

    Fix rename detection with GIT_DIFF_FIND_RENAMES_FROM_REWRITES.

    Enable Windows 7 and earlier to use TLS 1.2.

This is a security release fixing memory handling issues when reading crafted
repository index files. The issues allow for possible denial of service due to
allocation of large memory and out-of-bound reads.

As the index is never transferred via the network, exploitation requires an
attacker to have access to the local repository.

This is a security release that includes an update to the bundled zlib
to update it to 1.2.11. Users who build the bundled zlib are vulnerable
to security issues in the prior version.

This does not affect you if you rely on a system-installed version of zlib.
All users of v0.26.0 who use the bundled zlib should upgrade to this release.
   2018-01-01 22:18:57 by Adam Ciarcinski | Files touched by this commit (629) | Package updated
Log message:
Revbump after boost update
   2017-11-21 00:04:05 by Thomas Klausner | Files touched by this commit (2)
Log message:
libgit2: remove python from bl3.mk

cmake says it's only needed for tests