pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [pkgsrc-2016Q4] pkgsrc/devel/libgit2
Module Name: pkgsrc
Committed By: bsiegert
Date: Fri Jan 13 20:34:41 UTC 2017
Modified Files:
pkgsrc/devel/libgit2 [pkgsrc-2016Q4]: Makefile PLIST distinfo
Log Message:
Pullup ticket #5191 - requested by taca
devel/libgit2: security fix
Revisions pulled up:
- devel/libgit2/Makefile 1.14-1.16
- devel/libgit2/PLIST 1.6
- devel/libgit2/distinfo 1.8
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun Jan 1 14:44:09 UTC 2017
Modified Files:
[...]
pkgsrc/devel/libgit2: Makefile
[...]
Log Message:
Add python-3.6 to incompatible versions.
---
Module Name: pkgsrc
Committed By: adam
Date: Sun Jan 1 16:06:40 UTC 2017
Modified Files:
[...]
pkgsrc/devel/libgit2: Makefile
[...]
Log Message:
Revbump after boost update
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Jan 11 00:11:24 UTC 2017
Modified Files:
pkgsrc/devel/libgit2: Makefile PLIST distinfo
Log Message:
Update libgit2 to 0.25.1, it includes security problem.
For full changes, please refer CHANGESLOG.md file.
* libgit2 v0.24.6 and libgit2 v0.25.1, January 9th, 2017
Includes two fixes, one performs extra sanitization for some edge cases in
the Git Smart Protocol which can lead to attempting to parse outside of the
buffer.
The second fix affects the certificate check callback. It provides a valid
parameter to indicate whether the native cryptographic library considered
the certificate to be correct. This parameter is always 1/true before these
releases leading to a possible MITM.
This does not affect you if you do not use the custom certificate callback
or if you do not take this value into account. This does affect you if you
use pygit2 or git2go regardless of whether you specify a certificate check
callback.
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.13.2.1 pkgsrc/devel/libgit2/Makefile
cvs rdiff -u -r1.5 -r1.5.4.1 pkgsrc/devel/libgit2/PLIST
cvs rdiff -u -r1.7 -r1.7.4.1 pkgsrc/devel/libgit2/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/devel/libgit2/Makefile
diff -u pkgsrc/devel/libgit2/Makefile:1.13 pkgsrc/devel/libgit2/Makefile:1.13.2.1
--- pkgsrc/devel/libgit2/Makefile:1.13 Fri Oct 7 18:25:43 2016
+++ pkgsrc/devel/libgit2/Makefile Fri Jan 13 20:34:41 2017
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.13 2016/10/07 18:25:43 adam Exp $
+# $NetBSD: Makefile,v 1.13.2.1 2017/01/13 20:34:41 bsiegert Exp $
-DISTNAME= libgit2-0.24.1
-PKGREVISION= 1
+DISTNAME= libgit2-0.25.1
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_GITHUB:=libgit2/}
GITHUB_TAG= v${PKGVERSION_NOREV}
@@ -16,7 +15,7 @@ USE_TOOLS+= pkg-config
USE_CMAKE= yes
PKGCONFIG_OVERRIDE+= libgit2.pc.in
-PYTHON_VERSIONS_INCOMPATIBLE= 34 35 # not yet ported as of 0.21.1
+PYTHON_VERSIONS_INCOMPATIBLE= 34 35 36 # not yet ported as of 0.21.1
.include "../../devel/zlib/buildlink3.mk"
.include "../../security/libssh2/buildlink3.mk"
Index: pkgsrc/devel/libgit2/PLIST
diff -u pkgsrc/devel/libgit2/PLIST:1.5 pkgsrc/devel/libgit2/PLIST:1.5.4.1
--- pkgsrc/devel/libgit2/PLIST:1.5 Tue Aug 30 10:24:40 2016
+++ pkgsrc/devel/libgit2/PLIST Fri Jan 13 20:34:41 2017
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.5 2016/08/30 10:24:40 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.5.4.1 2017/01/13 20:34:41 bsiegert Exp $
include/git2.h
include/git2/annotated_commit.h
include/git2/attr.h
@@ -35,6 +35,7 @@ include/git2/oidarray.h
include/git2/pack.h
include/git2/patch.h
include/git2/pathspec.h
+include/git2/proxy.h
include/git2/rebase.h
include/git2/refdb.h
include/git2/reflog.h
@@ -59,13 +60,16 @@ include/git2/sys/filter.h
include/git2/sys/hashsig.h
include/git2/sys/index.h
include/git2/sys/mempack.h
+include/git2/sys/merge.h
include/git2/sys/odb_backend.h
include/git2/sys/openssl.h
include/git2/sys/refdb_backend.h
include/git2/sys/reflog.h
include/git2/sys/refs.h
+include/git2/sys/remote.h
include/git2/sys/repository.h
include/git2/sys/stream.h
+include/git2/sys/time.h
include/git2/sys/transport.h
include/git2/tag.h
include/git2/trace.h
@@ -75,6 +79,6 @@ include/git2/tree.h
include/git2/types.h
include/git2/version.h
lib/libgit2.so
-lib/libgit2.so.0.24.0
-lib/libgit2.so.24
+lib/libgit2.so.0.25.1
+lib/libgit2.so.25
lib/pkgconfig/libgit2.pc
Index: pkgsrc/devel/libgit2/distinfo
diff -u pkgsrc/devel/libgit2/distinfo:1.7 pkgsrc/devel/libgit2/distinfo:1.7.4.1
--- pkgsrc/devel/libgit2/distinfo:1.7 Tue Aug 30 10:24:40 2016
+++ pkgsrc/devel/libgit2/distinfo Fri Jan 13 20:34:41 2017
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.7 2016/08/30 10:24:40 jperkin Exp $
+$NetBSD: distinfo,v 1.7.4.1 2017/01/13 20:34:41 bsiegert Exp $
-SHA1 (libgit2-0.24.1.tar.gz) = 198ac53d713c521d940951ab5d6b90b75b941918
-RMD160 (libgit2-0.24.1.tar.gz) = c9c75373fedb66c1732d472dda05dfc4fe40d5fa
-SHA512 (libgit2-0.24.1.tar.gz) = 7ad06cef694a293eb90569b042270425f1d012c1c9de8db595dd841942072110bc5342f0d9782479abbba355f5db170b9dad778e79dd23857003e9668cdc1e13
-Size (libgit2-0.24.1.tar.gz) = 4173317 bytes
+SHA1 (libgit2-0.25.1.tar.gz) = c65238d0e0a698b202a3a886d003228cac6dacc3
+RMD160 (libgit2-0.25.1.tar.gz) = a9f3315d22f79e1955761f156117105781aea442
+SHA512 (libgit2-0.25.1.tar.gz) = bbd0d27c95406b548185ce02e2a9288a9dcb8c3b28476ba20f4f4917f6bd67f1ddee80de3054d30b79cdb9d973c3061a15ea7847c79bfa4e0c62e41d5195cb99
+Size (libgit2-0.25.1.tar.gz) = 4252130 bytes
Home |
Main Index |
Thread Index |
Old Index