pkgsrc.se | The NetBSD package collection

./devel/libgit2, Portable, pure C implementation of the Git core methods

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2016Q4, Version: 0.25.1, Package name: libgit2-0.25.1, Maintainer: pkgsrc-users

libgit2 is a portable, pure C implementation of the Git core methods provided as
a re-entrant linkable library with a solid API, allowing you to write native
speed custom Git applications in any language which supports C bindings.

Required to run:
[security/libssh2] [lang/python27] [www/http-parser] [www/curl]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://github.com/libgit2/ (Download)

SHA1: c65238d0e0a698b202a3a886d003228cac6dacc3
RMD160: a9f3315d22f79e1955761f156117105781aea442
Filesize: 4152.471 KB

Version history: (Expand)

(2017-01-14) Updated to version: libgit2-0.25.1
(2017-01-05) Package added to pkgsrc.se, version libgit2-0.24.1nb1 (created)

CVS history: (Expand)

2017-01-13 21:34:41 by Benny Siegert | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #5191 - requested by taca
devel/libgit2: security fix

Revisions pulled up:
- devel/libgit2/Makefile                                        1.14-1.16
- devel/libgit2/PLIST                                           1.6
- devel/libgit2/distinfo                                        1.8

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sun Jan  1 14:44:09 UTC 2017

   Modified Files:
   	[...]
   	pkgsrc/devel/libgit2: Makefile
   	[...]

   Log message:
   Add python-3.6 to incompatible versions.

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Sun Jan  1 16:06:40 UTC 2017

   Modified Files:
   	[...]
   	pkgsrc/devel/libgit2: Makefile
   	[...]

   Log message:
   Revbump after boost update

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Jan 11 00:11:24 UTC 2017

   Modified Files:
   	pkgsrc/devel/libgit2: Makefile PLIST distinfo

   Log message:
   Update libgit2 to 0.25.1, it includes security problem.

   For full changes, please refer CHANGESLOG.md file.

   * libgit2 v0.24.6 and libgit2 v0.25.1, January 9th, 2017

   Includes two fixes, one performs extra sanitization for some edge cases in
   the Git Smart Protocol which can lead to attempting to parse outside of the
   buffer.

   The second fix affects the certificate check callback. It provides a valid
   parameter to indicate whether the native cryptographic library considered
   the certificate to be correct. This parameter is always 1/true before these
   releases leading to a possible MITM.

   This does not affect you if you do not use the custom certificate callback
   or if you do not take this value into account. This does affect you if you
   use pygit2 or git2go regardless of whether you specify a certificate check
   callback.