./devel/libgit2, Portable, pure C implementation of the Git core methods

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 0.27.7nb1, Package name: libgit2-0.27.7nb1, Maintainer: pkgsrc-users

libgit2 is a portable, pure C implementation of the Git core methods provided as
a re-entrant linkable library with a solid API, allowing you to write native
speed custom Git applications in any language which supports C bindings.


Required to run:
[www/curl] [security/libssh2] [lang/python27] [www/http-parser]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 1898564266b4672ac3a1e98e9ce5a57bd1cd48c0
RMD160: fba3719288325573fcbce5d11b560d5cac4b2b89
Filesize: 4670.758 KB

Version history: (Expand)


CVS history: (Expand)


   2018-12-13 20:52:27 by Adam Ciarcinski | Files touched by this commit (668)
Log message:
revbump for boost 1.69.0
   2018-12-01 21:18:18 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
libgit2: update to 0.27.7.

v0.27.7
-------

This is a bugfix release with the following changes or improvements:

- Our continuous integration environment has switched from Travis and
  AppVeyor to Azure Pipelines CI.

- Fix adding worktrees for bare repositories.

- Fix parsed patches not computing the old respectively new line
  numbers correctly.

- Fix parsing configuration variables which do not have a section.

- Fix a zero-byte allocation when trying to detect file renames and
  copies of a diff without any hunks.

- Fix a zero-byte allocation when trying to resize or duplicate
  vectors.

- Fix return value when trying to unlock worktrees which aren't
  locked.

- Fix returning an unitialized error code when preparing a revision
  walk without any pushed commits.

- Fix return value of `git_remote_lookup` when lookup of
  "remote.$remote.tagopt" fails.

- Fix the revision walk always labelling commits as interesting due
  to a mishandling of the commit date.

- Fix the packbuilder inserting uninteresting blobs when adding a
  tree containing references to such blobs.

- Ignore unsupported authentication schemes in HTTP transport.

- Improve performane of `git_remote_prune`.

- Fix detection of whether `qsort_r` has a BSD or GNU function
  signature.

- Fix detection of iconv if it is provided by libc.

v0.27.6
-------

This as a security release fixing the following list of issues:

- The function family `git__strtol` is used to parse integers
  from a buffer. As the functions do not take a buffer length as
  argument, they will scan either until the end of the current
  number or until a NUL byte is encountered. Many callers have
  been misusing the function and called it on potentially
  non-NUL-terminated buffers, resulting in possible out-of-bounds
  reads. Callers have been fixed to use `git__strntol` functions
  instead and `git__strtol` functions were removed.

- The function `git__strntol64` relied on the undefined behavior
  of signed integer overflows. While the code tried to detect
  such overflows after they have happened, this is unspecified
  behavior and may lead to weird behavior on uncommon platforms.

- In the case where `git__strntol32` was unable to parse an
  integer because it doesn't fit into an `int32_t`, it printed an
  error message containing the string that is currently being
  parsed. The code didn't truncate the string though, which
  caused it to print the complete string until a NUL byte is
  encountered and not only the currently parsed number. In case
  where the string was not NUL terminated, this could have lead
  to an out-of-bounds read.

- When parsing tags, all unknown fields that appear before the
  tag message are skipped. This skipping is done by using a plain
  `strstr(buffer, "\n\n")` to search for the two newlines that
  separate tag fields from tag message. As it is not possible to
  supply a buffer length to `strstr`, this call may skip over the
  buffer's end and thus result in an out of bounds read. As
  `strstr` may return a pointer that is out of bounds, the
  following computation of `buffer_end - buffer` will overflow
  and result in an allocation of an invalid length. Note that
  when reading objects from the object database, we make sure to
  always NUL terminate them, making the use of `strstr` safe.

- When parsing the "encoding" field of a commit, we may perform
  an out of bounds read due to using `git__prefixcmp` instead of
  `git__prefixncmp`. This can result in the parsed commit object
  containing uninitialized data in both its message encoding and
  message fields. Note that when reading objects from the object
  database, we make sure to always NUL terminate them, making the
  use of `strstr` safe.
   2018-10-19 14:29:58 by Ryo ONODERA | Files touched by this commit (1) | Package updated
Log message:
Update HOMEPAGE
   2018-10-18 16:43:01 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/libgit2: update to 0.27.5

libgit2 0.27.5 (2018/10/5)

This is a security release fixing the following list of issues:

* Submodule URLs and paths with a leading "-" are now ignored.  This \ 
is due to
  the recently discovered CVE-2018-17456, which can lead to arbitrary code
  execution in upstream git.  While libgit2 itself is not vulnerable, it can
  be used to inject options in an implementation which performs a recursive
  clone by executing an external command.

* When running repack while doing repo writes, packfile_load__cb() could see
  some temporary files in the directory that were bigger than the usual, and
  makes memcmp overflow on the p->pack_name string.  This issue was reported
  and fixed by bisho.

* The configuration file parser used unbounded recursion to parse multiline
  variables, which could lead to a stack overflow.  The issue was reported by
  the oss-fuzz project, issue 10048 and fixed by Nelson Elhage.

* The fix to the unbounded recursion introduced a memory leak in the config
  parser.  While this leak was never in a public release, the oss-fuzz project
  reported this as issue 10127.  The fix was implemented by Nelson Elhage and
  Patrick Steinhardt.

* When parsing "ok" packets received via the smart protocol, our \ 
parsing code
  did not correctly verify the bounds of the packets, which could result in a
  heap-buffer overflow.  The issue was reported by the oss-fuzz project, issue
  9749 and fixed by Patrick Steinhardt.

* The parsing code for the smart protocol has been tightened in general,
  fixing heap-buffer overflows when parsing the packet type as well as for
  "ACK" and "unpack" packets.  The issue was discovered and \ 
fixed by Patrick
  Steinhardt.

* Fixed potential integer overflows on platforms with 16 bit integers when
  parsing packets for the smart protocol.  The issue was discovered and fixed
  by Patrick Steinhardt.

* Fixed potential NULL pointer dereference when parsing configuration files
  which have "include.path" or "includeIf..path" statements \ 
without a value.
   2018-09-23 17:11:43 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/libgit2: update to 0.27.4

v0.27.4
-------

This is a security release fixing out-of-bounds reads when
processing smart-protocol "ng" packets.

When parsing an "ng" packet, we keep track of both the current position
as well as the remaining length of the packet itself. But instead of
taking care not to exceed the length, we pass the current pointer's
position to `strchr`, which will search for a certain character until
hitting NUL. It is thus possible to create a crafted packet which
doesn't contain a NUL byte to trigger an out-of-bounds read.

The issue was discovered by the oss-fuzz project, issue 9406.

v0.27.3
-------

This is a security release fixing out-of-bounds reads when
reading objects from a packfile. This corresponds to
CVE-2018-10887 and CVE-2018-10888, which were both reported by
Riccardo Schirone.

When packing objects into a single so-called packfile, objects
may not get stored as complete copies but instead as deltas
against another object "base". A specially crafted delta object
could trigger an integer overflow and thus bypass our input
validation, which may result in copying memory before or after
the base object into the final deflated object. This may lead to
objects containing copies of system memory being written into the
object database. As the hash of those objects cannot be easily
controlled by the attacker, it is unlikely that any of those
objects will be valid and referenced by the commit graph.

Note that the error could also be triggered by the function
`git_apply__patch`. But as this function is not in use outside of
our test suite, it is not a possible attack vector.
   2018-08-16 20:55:17 by Adam Ciarcinski | Files touched by this commit (653) | Package updated
Log message:
revbump after boost-libs update
   2018-06-05 20:48:23 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
libgit2: update to 0.27.1.

v0.27.1
---------

This is a security release fixing insufficient validation of submodule names
(CVE-2018-11235, reported by Etienne Stalmans) and disallows `.gitmodules` files
as symlinks.

While submodule names come from the untrusted ".gitmodules" file, we \ 
blindly
append the name to "$GIT_DIR/modules" to construct the final path of the
submodule repository. In case the name contains e.g. "../", an \ 
adversary would
be able to escape your repository and write data at arbitrary paths. In
accordance with git, we now enforce some rules for submodule names which will
cause libgit2 to ignore these malicious names.

Adding a symlink as `.gitmodules` into the index from the workdir or checking
out such files is not allowed as this can make a Git implementation write
outside of the repository and bypass the `fsck` checks for CVE-2018-11235.

libgit2 is not susceptible to CVE-2018-11233.
   2018-04-29 23:32:09 by Adam Ciarcinski | Files touched by this commit (629) | Package updated
Log message:
revbump for boost-libs update