CVS Commit History:


   2019-02-25 10:21:36 by Jonathan Perkin | Files touched by this commit (1)
Log message:
libgit2: Requires C99.
   2019-02-24 11:15:26 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
libgit2: update to 0.28.1.

v0.28.1
-------

This is a bugfix release with the following change:

* The deprecated functions (`git_buf_free` and the `giterr_` family of
  functions) are now exported properly.  In the v0.28 release, they were
  not given the correct external attributes and they did not have the
  correct linkage visibility in the v0.28 library.

v0.28
-----

### Changes or improvements

* The library is now always built with cdecl calling conventions on
  Windows; the ability to build a stdcall library has been removed.

* Reference log creation now honors `core.logallrefupdates=always`.

* Fix some issues with the error-reporting in the OpenSSL backend.

* HTTP proxy support is now builtin; libcurl is no longer used to support
  proxies and is removed as a dependency.

* Certificate and credential callbacks can now return `GIT_PASSTHROUGH`
  to decline to act; libgit2 will behave as if there was no callback set
  in the first place.

* The line-ending filtering logic - when checking out files - has been
  updated to match newer git (>= git 2.9) for proper interoperability.

* Symbolic links are now supported on Windows when `core.symlinks` is set
  to `true`.

* Submodules with names which attempt to perform path traversal now have their
  configuration ignored. Such names were blindly appended to the
  `$GIT_DIR/modules` and a malicious name could lead to an attacker writing to
  an arbitrary location. This matches git's handling of CVE-2018-11235.

* Object validation is now performed during tree creation in the
  `git_index_write_tree_to` API.

* Configuration variables may now be specified on the same line as a section
  header; previously this was erroneously a parser error.

* When an HTTP server supports both NTLM and Negotiate authentication
  mechanisms, we would previously fail to authenticate with any mechanism.

* The `GIT_OPT_SET_PACK_MAX_OBJECTS` option can now set the maximum
  number of objects allowed in a packfile being downloaded; this can help
  limit the maximum memory used when fetching from an untrusted remote.

* Line numbers in diffs loaded from patch files were not being populated;
  they are now included in the results.

* The repository's index is reloaded from disk at the beginning of
  `git_merge` operations to ensure that it is up-to-date.

* Mailmap handling APIs have been introduced, and the new commit APIs
  `git_commit_committer_with_mailmap` and `git_commit_author_with_mailmap`
  will use the mailmap to resolve the committer and author information.
  In addition, blame will use the given mailmap when the
  `GIT_BLAME_USE_MAILMAP` option is set.

* Ignore handling for files in ignored folders would be ignored.

* Worktrees can now be backed by bare repositories.

* Trailing spaces are supported in `.gitignore` files, these spaces were
  previously (and erroneously) treated as part of the pattern.

* The library can now be built with mbedTLS support for HTTPS.

* The diff status character 'T' will now be presented by the
  `git_diff_status_char` API for diff entries that change type.

* Revision walks previously would sometimes include commits that should
  have been ignored; this is corrected.

* Revision walks are now more efficient when the output is unsorted;
  we now avoid walking all the way to the beginning of history unnecessarily.

* Error-handling around index extension loading has been fixed. We were
  previously always misreporting a truncated index (#4858).

### API additions

* The index may now be iterated atomically using `git_index_iterator`.

* Remote objects can now be created with extended options using the
  `git_remote_create_with_opts` API.

* Diff objects can now be applied as changes to the working directory,
  index or both, emulating the `git apply` command.  Additionally,
  `git_apply_to_tree` can apply those changes to a tree object as a
  fully in-memory operation.

* You can now swap out memory allocators via the
  `GIT_OPT_SET_ALLOCATOR` option with `git_libgit2_opts()`.

* You can now ensure that functions do not discard unwritten changes to the
  index via the `GIT_OPT_ENABLE_UNSAVED_INDEX_SAFETY` option to
  `git_libgit2_opts()`.  This will cause functions that implicitly re-read
  the index (eg, `git_checkout`) to fail if you have staged changes to the
  index but you have not written the index to disk.  (Unless the checkout
  has the FORCE flag specified.)

  At present, this defaults to off, but we intend to enable this more
  broadly in the future, as a warning or error.  We encourage you to
  examine your code to ensure that you are not relying on the current
  behavior that implicitly removes staged changes.

* Reference specifications can be parsed from an arbitrary string with
  the `git_refspec_parse` API.

* You can now get the name and path of worktrees using the
  `git_worktree_name` and `git_worktree_path` APIs, respectively.

* The `ref` field has been added to `git_worktree_add_options` to enable
  the creation of a worktree from a pre-existing branch.

* It's now possible to analyze merge relationships between any two
  references, not just against `HEAD`, using `git_merge_analysis_for_ref`.

### API removals

* The `git_buf_free` API is deprecated; it has been renamed to
  `git_buf_dispose` for consistency.  The `git_buf_free` API will be
  retained for backward compatibility for the foreseeable future.

* The `git_otype` enumeration and its members are deprecated and have
  been renamed for consistency.  The `GIT_OBJ_` enumeration values are
  now prefixed with `GIT_OBJECT_`.  The old enumerations and macros
  will be retained for backward compatibility for the foreseeable future.

* Several index-related APIs have been renamed for consistency.  The
  `GIT_IDXENTRY_` enumeration values and macros have been renamed to
  be prefixed with `GIT_INDEX_ENTRY_`.  The `GIT_INDEXCAP` enumeration
  values are now prefixed with `GIT_INDEX_CAPABILITY_`.  The old
  enumerations and macros will be retained for backward compatibility
  for the foreseeable future.

* The error functions and enumeration values have been renamed for
  consistency.  The `giterr_` functions and values prefix have been
  renamed to be prefixed with `git_error_`; similarly, the `GITERR_`
  constants have been renamed to be prefixed with `GIT_ERROR_`.
  The old enumerations and macros will be retained for backward
  compatibility for the foreseeable future.

### Breaking API changes

* The default checkout strategy changed from `DRY_RUN` to `SAFE` (#4531).

* Adding a symlink as .gitmodules into the index from the workdir or checking
  out such files is not allowed as this can make a Git implementation write
  outside of the repository and bypass the fsck checks for CVE-2018-11235.
   2018-12-13 20:52:27 by Adam Ciarcinski | Files touched by this commit (668)
Log message:
revbump for boost 1.69.0
   2018-12-01 21:18:18 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
libgit2: update to 0.27.7.

v0.27.7
-------

This is a bugfix release with the following changes or improvements:

- Our continuous integration environment has switched from Travis and
  AppVeyor to Azure Pipelines CI.

- Fix adding worktrees for bare repositories.

- Fix parsed patches not computing the old respectively new line
  numbers correctly.

- Fix parsing configuration variables which do not have a section.

- Fix a zero-byte allocation when trying to detect file renames and
  copies of a diff without any hunks.

- Fix a zero-byte allocation when trying to resize or duplicate
  vectors.

- Fix return value when trying to unlock worktrees which aren't
  locked.

- Fix returning an uninitialized error code when preparing a revision
  walk without any pushed commits.

- Fix return value of `git_remote_lookup` when lookup of
  "remote.$remote.tagopt" fails.

- Fix the revision walk always labelling commits as interesting due
  to a mishandling of the commit date.

- Fix the packbuilder inserting uninteresting blobs when adding a
  tree containing references to such blobs.

- Ignore unsupported authentication schemes in HTTP transport.

- Improve performance of `git_remote_prune`.

- Fix detection of whether `qsort_r` has a BSD or GNU function
  signature.

- Fix detection of iconv if it is provided by libc.

v0.27.6
-------

This is a security release fixing the following list of issues:

- The function family `git__strtol` is used to parse integers
  from a buffer. As the functions do not take a buffer length as
  argument, they will scan either until the end of the current
  number or until a NUL byte is encountered. Many callers have
  been misusing the function and called it on potentially
  non-NUL-terminated buffers, resulting in possible out-of-bounds
  reads. Callers have been fixed to use `git__strntol` functions
  instead and `git__strtol` functions were removed.

- The function `git__strntol64` relied on the undefined behavior
  of signed integer overflows. While the code tried to detect
  such overflows after they have happened, this is unspecified
  behavior and may lead to weird behavior on uncommon platforms.

- In the case where `git__strntol32` was unable to parse an
  integer because it doesn't fit into an `int32_t`, it printed an
  error message containing the string that is currently being
  parsed. The code didn't truncate the string though, which
  caused it to print the complete string until a NUL byte is
  encountered and not only the currently parsed number. In case
  where the string was not NUL terminated, this could have led
  to an out-of-bounds read.

- When parsing tags, all unknown fields that appear before the
  tag message are skipped. This skipping is done by using a plain
  `strstr(buffer, "\n\n")` to search for the two newlines that
  separate tag fields from tag message. As it is not possible to
  supply a buffer length to `strstr`, this call may skip over the
  buffer's end and thus result in an out of bounds read. As
  `strstr` may return a pointer that is out of bounds, the
  following computation of `buffer_end - buffer` will overflow
  and result in an allocation of an invalid length. Note that
  when reading objects from the object database, we make sure to
  always NUL terminate them, making the use of `strstr` safe.

- When parsing the "encoding" field of a commit, we may perform
  an out of bounds read due to using `git__prefixcmp` instead of
  `git__prefixncmp`. This can result in the parsed commit object
  containing uninitialized data in both its message encoding and
  message fields. Note that when reading objects from the object
  database, we make sure to always NUL terminate them, making the
  use of `strstr` safe.
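The first two items above describe the two properties a safe integer parser needs: it must stop at a caller-supplied length rather than at a NUL byte, and it must detect overflow without ever performing it. The following is an added example in that spirit; it is not libgit2's `git__strntol32`, and the function name and return codes are my own choice.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Bounded base-10 parser (added example, not libgit2 code). It reads at
 * most `len` bytes from `buf`, never relies on a terminating NUL, and checks
 * for overflow *before* each multiply-add, so no signed-integer overflow
 * (undefined behaviour) ever happens. Returns 0 on success (value in *out,
 * bytes used in *consumed), -1 if no digits were found, and -2 if the value
 * does not fit in an int32_t. */
int parse_int32_bounded(const char *buf, size_t len, int32_t *out, size_t *consumed)
{
    size_t i = 0, ndigits = 0;
    int neg = 0;
    uint64_t mag = 0, limit;

    if (i < len && (buf[i] == '-' || buf[i] == '+')) {
        neg = (buf[i] == '-');
        i++;
    }
    /* largest magnitude representable, which depends on the sign */
    limit = neg ? (uint64_t)INT32_MAX + 1 : (uint64_t)INT32_MAX;

    for (; i < len && buf[i] >= '0' && buf[i] <= '9'; i++, ndigits++) {
        uint64_t d = (uint64_t)(buf[i] - '0');
        /* would mag * 10 + d exceed limit? decide without overflowing */
        if (mag > (limit - d) / 10)
            return -2;
        mag = mag * 10 + d;
    }
    if (ndigits == 0)
        return -1;

    *out = neg ? (int32_t)(-(int64_t)mag) : (int32_t)mag;
    *consumed = i;
    return 0;
}

int main(void)
{
    /* constructed input: four bytes with no NUL terminator anywhere */
    const char raw[4] = {'4', '2', ' ', 'x'};
    int32_t v = 0;
    size_t n = 0;
    int rc = parse_int32_bounded(raw, sizeof raw, &v, &n);
    printf("rc=%d value=%d consumed=%lu\n", rc, (int)v, (unsigned long)n);
    return 0;
}
```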
   2018-10-19 14:29:58 by Ryo ONODERA | Files touched by this commit (1)
Log message:
Update HOMEPAGE
   2018-10-18 16:43:01 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/libgit2: update to 0.27.5

libgit2 0.27.5 (2018/10/5)

This is a security release fixing the following list of issues:

* Submodule URLs and paths with a leading "-" are now ignored.  This is due to
  the recently discovered CVE-2018-17456, which can lead to arbitrary code
  execution in upstream git.  While libgit2 itself is not vulnerable, it can
  be used to inject options in an implementation which performs a recursive
  clone by executing an external command.

* When running repack while doing repo writes, packfile_load__cb() could see
  some temporary files in the directory that were bigger than the usual, and
  makes memcmp overflow on the p->pack_name string.  This issue was reported
  and fixed by bisho.

* The configuration file parser used unbounded recursion to parse multiline
  variables, which could lead to a stack overflow.  The issue was reported by
  the oss-fuzz project, issue 10048 and fixed by Nelson Elhage.

* The fix to the unbounded recursion introduced a memory leak in the config
  parser.  While this leak was never in a public release, the oss-fuzz project
  reported this as issue 10127.  The fix was implemented by Nelson Elhage and
  Patrick Steinhardt.

* When parsing "ok" packets received via the smart protocol, our parsing code
  did not correctly verify the bounds of the packets, which could result in a
  heap-buffer overflow.  The issue was reported by the oss-fuzz project, issue
  9749 and fixed by Patrick Steinhardt.

* The parsing code for the smart protocol has been tightened in general,
  fixing heap-buffer overflows when parsing the packet type as well as for
  "ACK" and "unpack" packets.  The issue was discovered and fixed by Patrick
  Steinhardt.

* Fixed potential integer overflows on platforms with 16 bit integers when
  parsing packets for the smart protocol.  The issue was discovered and fixed
  by Patrick Steinhardt.

* Fixed potential NULL pointer dereference when parsing configuration files
  which have "include.path" or "includeIf..path" statements without a value.
   2018-09-23 17:11:43 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
devel/libgit2: update to 0.27.4

v0.27.4
-------

This is a security release fixing out-of-bounds reads when
processing smart-protocol "ng" packets.

When parsing an "ng" packet, we keep track of both the current position
as well as the remaining length of the packet itself. But instead of
taking care not to exceed the length, we pass the current pointer's
position to `strchr`, which will search for a certain character until
hitting NUL. It is thus possible to create a crafted packet which
doesn't contain a NUL byte to trigger an out-of-bounds read.

The issue was discovered by the oss-fuzz project, issue 9406.

v0.27.3
-------

This is a security release fixing out-of-bounds reads when
reading objects from a packfile. This corresponds to
CVE-2018-10887 and CVE-2018-10888, which were both reported by
Riccardo Schirone.

When packing objects into a single so-called packfile, objects
may not get stored as complete copies but instead as deltas
against another object "base". A specially crafted delta object
could trigger an integer overflow and thus bypass our input
validation, which may result in copying memory before or after
the base object into the final deflated object. This may lead to
objects containing copies of system memory being written into the
object database. As the hash of those objects cannot be easily
controlled by the attacker, it is unlikely that any of those
objects will be valid and referenced by the commit graph.

Note that the error could also be triggered by the function
`git_apply__patch`. But as this function is not in use outside of
our test suite, it is not a possible attack vector.
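The v0.27.3 note explains that a delta copy instruction could overflow an integer and slip past validation. The following is an added example, not libgit2's delta code, showing the wrap-prone check next to an equivalent that cannot wrap; the function names, the `size_t` operand types and the sample base object are my own constructions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* A delta "copy from base" instruction asks for `len` bytes starting at
 * `off` within a base object of `base_len` bytes (added example). */

/* Naive check: `off + len` wraps around in size_t arithmetic, so an
 * out-of-range (off, len) pair can look valid. Kept only for comparison. */
int copy_range_ok_naive(size_t base_len, size_t off, size_t len)
{
    return off + len <= base_len;
}

/* Hardened check: no addition at all, so nothing can wrap. */
int copy_range_ok(size_t base_len, size_t off, size_t len)
{
    return off <= base_len && len <= base_len - off;
}

/* Copy one instruction's bytes into `out`; returns bytes written, or 0 if the
 * instruction was rejected (would read outside base or overflow out). */
size_t apply_copy(unsigned char *out, size_t out_cap,
                  const unsigned char *base, size_t base_len,
                  size_t off, size_t len)
{
    if (!copy_range_ok(base_len, off, len) || len > out_cap)
        return 0;
    memcpy(out, base + off, len);
    return len;
}

int main(void)
{
    /* constructed base object and a wrapping (off, len) pair */
    const unsigned char base[] = "0123456789abcdef";
    unsigned char out[8];
    size_t off = SIZE_MAX - 3, len = 8;
    printf("naive accepts wrapped range: %d, hardened: %d\n",
           copy_range_ok_naive(16, off, len), copy_range_ok(16, off, len));
    printf("copied %lu bytes\n",
           (unsigned long)apply_copy(out, sizeof out, base, 16, 10, 4));
    return 0;
}
```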
   2018-08-16 20:55:17 by Adam Ciarcinski | Files touched by this commit (653) | Package updated
Log message:
revbump after boost-libs update
   2018-06-05 20:48:23 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
libgit2: update to 0.27.1.

v0.27.1
---------

This is a security release fixing insufficient validation of submodule names
(CVE-2018-11235, reported by Etienne Stalmans) and disallows `.gitmodules` files
as symlinks.

While submodule names come from the untrusted ".gitmodules" file, we blindly
append the name to "$GIT_DIR/modules" to construct the final path of the
submodule repository. In case the name contains e.g. "../", an adversary would
be able to escape your repository and write data at arbitrary paths. In
accordance with git, we now enforce some rules for submodule names which will
cause libgit2 to ignore these malicious names.

Adding a symlink as `.gitmodules` into the index from the workdir or checking
out such files is not allowed as this can make a Git implementation write
outside of the repository and bypass the `fsck` checks for CVE-2018-11235.

libgit2 is not susceptible to CVE-2018-11233.
   2018-04-29 23:32:09 by Adam Ciarcinski | Files touched by this commit (629) | Package updated
Log message:
revbump for boost-libs update
