Pullup ticket #6068 - requested by nia devel/libgit2: security fix Revisions pulled up: - devel/libgit2/Makefile 1.40 - devel/libgit2/distinfo 1.18 --- Module Name: pkgsrc Committed By: nia Date: Sun Oct 6 12:18:30 UTC 2019 Modified Files: pkgsrc/devel/libgit2: Makefile distinfo Log Message: libgit2: Update to 0.28.3 This is a security release fixing the following issues: A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. The ProgramData configuration file is always read for compatibility with Git for Windows and Portable Git installations. The ProgramData location is not necessarily writable only by administrators, so we now ensure that the configuration file is owned by the administrator or the current user.diff -r1.39 -r1.39.2.1 pkgsrc/devel/libgit2/Makefile
(bsiegert)
@@ -1,17 +1,16 @@ | @@ -1,17 +1,16 @@ | |||
1 | # $NetBSD: Makefile,v 1.39 2019/08/22 12:23:02 ryoon Exp $ | 1 | # $NetBSD: Makefile,v 1.39.2.1 2019/10/07 09:14:47 bsiegert Exp $ | |
2 | 2 | |||
3 | DISTNAME= libgit2-0.28.2 | 3 | DISTNAME= libgit2-0.28.3 | |
4 | PKGREVISION= 3 | |||
5 | CATEGORIES= devel | 4 | CATEGORIES= devel | |
6 | MASTER_SITES= ${MASTER_SITE_GITHUB:=libgit2/} | 5 | MASTER_SITES= ${MASTER_SITE_GITHUB:=libgit2/} | |
7 | GITHUB_TAG= v${PKGVERSION_NOREV} | 6 | GITHUB_TAG= v${PKGVERSION_NOREV} | |
8 | 7 | |||
9 | MAINTAINER= pkgsrc-users@NetBSD.org | 8 | MAINTAINER= pkgsrc-users@NetBSD.org | |
10 | HOMEPAGE= https://libgit2.org/ | 9 | HOMEPAGE= https://libgit2.org/ | |
11 | COMMENT= Portable, pure C implementation of the Git core methods | 10 | COMMENT= Portable, pure C implementation of the Git core methods | |
12 | LICENSE= gnu-gpl-v2 # linking exception (linking allowed in more ways) | 11 | LICENSE= gnu-gpl-v2 # linking exception (linking allowed in more ways) | |
13 | 12 | |||
14 | EXTRACT_USING= bsdtar | 13 | EXTRACT_USING= bsdtar | |
15 | USE_CMAKE= yes | 14 | USE_CMAKE= yes | |
16 | USE_LANGUAGES= c99 | 15 | USE_LANGUAGES= c99 | |
17 | USE_TOOLS+= pkg-config | 16 | USE_TOOLS+= pkg-config |
@@ -1,6 +1,6 @@ | @@ -1,6 +1,6 @@ | |||
1 | $NetBSD: distinfo,v 1.17 2019/05/27 14:35:25 wiz Exp $ | 1 | $NetBSD: distinfo,v 1.17.4.1 2019/10/07 09:14:47 bsiegert Exp $ | |
2 | 2 | |||
3 | SHA1 (libgit2-0.28.2.tar.gz) = 85025d651696a83c4d2a45932235ed1146c95cbc | 3 | SHA1 (libgit2-0.28.3.tar.gz) = fb3c394b36e17ebb2cea42a2c407e899f90509a9 | |
4 | RMD160 (libgit2-0.28.2.tar.gz) = 18fbe97266d064b8857618066e156a4297fbcff4 | 4 | RMD160 (libgit2-0.28.3.tar.gz) = 76e988d9229a58ff9f1e39e33a33317cb806f33e | |
5 | SHA512 (libgit2-0.28.2.tar.gz) = 0879c162e2e1dc00eadfbda22cd1f9d3a95b4ec2b653c108983f37c2f695140882de4d50d7cbc04ced247125a4e9fe6df16130e1267891aecdb2411d920db5c6 | 5 | SHA512 (libgit2-0.28.3.tar.gz) = 15444823b7d4885f7b8c3982f8905efc4a75913de016a9b2e0a24d5ce9746e6a549dffd5469036529557feff2ce7ece9328266eb312c80b96091ce0f65ee97ee | |
6 | Size (libgit2-0.28.2.tar.gz) = 4987586 bytes | 6 | Size (libgit2-0.28.3.tar.gz) = 4988580 bytes |