| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libgit2-26 | Distribution: openSUSE Step 15 |
| Version: 0.26.8 | Vendor: openSUSE |
| Release: 3.13.2 | Build date: Sat Feb 6 19:29:56 2021 |
| Group: System/Libraries | Build host: obs-arm-5 |
| Size: 904894 | Source RPM: libgit2-0.26.8-3.13.2.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: http://libgit2.github.com/ | |
| Summary: C git library | |
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings.
GPL-2.0 WITH GCC-exception-2.0
* Thu Nov 29 2018 mgorse@suse.com
- Update to version 0.26.8:
* Various security fixes for parsing integers from buffers,
and buffer handling bsc#1114729
- includes changess from 0.26.7:
* CVE-2018-17456: Submodule URLs and paths with a leading "-"
are now ignored to avoid injecting options into library
consumers that perform recursive clones (bsc#1110949)
* Avoid a buffer overflow when running repack
* Avoid stack overflow from unbounded recursion in configuration
file parser
* Avoid heap-buffer overflow when parsing "ok" packets
* Fix heap-buffer overflows in smart protocol parsing code
* Fix potential integer overflows on platforms with 16 bit ints
* Fix potential NULL pointer dereference when parsing
configuration files
- includes changess from 0.26.6:
* fix out-of-bounds reads when processing smart-protocol "ng"
packets (bsc#1104641)
* Thu Jul 26 2018 mgorse@suse.com
- Update to version 0.26.5 (boo#1095219 boo#1100612 boo#1100613):
* This is a security release fixing out-of-bounds reads when
reading objects from a packfile. This corresponds to
CVE-2018-10887 and CVE-2018-10888, which were both reported by
Riccardo Schirone.
* Changes in v0.26.4:
* This is a security release fixing insufficient validation of
submodule names (CVE-2018-11235, reported by Etienne
Stalmans) and disallows `.gitmodules` files as symlinks.
* Wed Mar 14 2018 kbabioch@suse.com
- Update to 0.26.3:
* Fix cloning of the libgit2 project with git clone --recursive by removing an
invalid submodule from our testing data.
* Fix endianness of the port in p_getaddrinfo().
* Fix handling of negative gitignore rules with wildcards.
* Fix handling of case-insensitive negative gitignore rules.
* Fix resolving references to a tag if the reference is stored with its fully
resolved OID in the packed-refs file.
* Fix checkout not treating worktree files as modified when only their mode has
changed.
* Fix rename detection with GIT_DIFF_FIND_RENAMES_FROM_REWRITES.
* Fixes memory handling issues when reading crafted repository index files.
The issues allow for possible denial of service due to allocation of large
memory and out-of-bound reads.
(CVE-2018-8098 bnc#1085257 CVE-2018-8099 bnc#1085256)
* Updates the bundled zlib to 1.2.11. Users who build the bundled zlib are
vulnerable to security issues in the prior version.
* Wed Feb 28 2018 dimstar@opensuse.org
- Modernize spec-file by calling spec-cleaner
* Mon Nov 13 2017 mimi.vx@gmail.com
- remove unneeded dependency (python is used only for testsuite, which
isn't used during build)
* Sat Aug 05 2017 astieger@suse.com
- libgit2 0.26.0:
* Support for opening, creating and modifying worktrees.
* Can now detect SHA1 collisions resulting from the SHAttered
attack CVE-2005-4900
* Fix for missing implementation of `git_merge_driver_source` getters
* Fix for installed pkg-config file being broken when the prefix
contains spaces
* Can now detect when the hashsum of on-disk objects does not
match their expected hashsum.
* Support open-ended ranges (e.g. "master..", "...master") in
revision range parsing code.
* Correctly compute ignores with leading "/" in subdirectories.
* Optionally call `fsync` on loose objects, packfiles and their
indexes, loose references and packed reference files.
* Builds against OpenSSL v1.1 and against LibreSSL.
* Improvements for reading index v4 files.
* API additions and incompatible API changes
* Wed Jan 11 2017 astieger@suse.com
- libgit2 0.25.1
- New features and functionality:
* repository discovery features
* Support for reading and writing git index v4 files
* Improve the performance of the revwalk
* reference db concurrency improvements
* Nanosecond resolution is now activated by default
* restrict the set of ciphers used with OpenSSL by default.
* user-registered merge drivers
* built-in support for the union merge driver
* callers can now specify proxy settings
* New API for creating signed commits
* New API for creating blobs from streams
* New flags for opening repositories
* New functions for various git operations
- Removed API:
* git_blob_create_fromchunks() has been removed in favour of
git_blob_create_fromstream()
- Changed API:
* git_packbuilder_object_count and git_packbuilder_written now
return a size_t instead of a uint32_t for more thorough
compatibility with the rest of the library.
* git_packbuiler_progress now provides explicitly sized uint32_t
values instead of unsigned int.
* git_diff_file now includes an id_abbrev field that reflects the
number of nibbles set in the id field.
* git_odb_backend now has a freshen function pointer
* git_remote_connect() now accepts proxy options.
* Wed Jan 11 2017 astieger@suse.com
- libgit2 0.24.6, including the following security fixes:
* bsc#1019036: edge cases in the Git Smart Protocol can lead to
attempting to parse outside of the buffer
CVE-2016-10128,CVE-2016-10129
* bsc#1019037: MITM possible due to lack of parameter for
certificate parameter
CVE-2016-10130,CVE-2017-5338,CVE-2017-5339
- includes changes from 0.24.5:
* add support for OpenSSL 1.1.0 for BIO filter
* Thu Dec 01 2016 astieger@suse.com
- libgit2 0.24.3, fixing the following vulnerabilities:
* CVE-2016-8568, CVE-2016-8569: invalid memory accesses parsing
object files (bsc#1003810)
* various bug fixes from the 0.24.2 release
* Mon May 09 2016 sreeves@suse.com
- Add to the SDK. Fate#319349
- Update license to GPL-2.0 WITH GCC-exception-2.0
* Wed Apr 20 2016 astieger@suse.com
- libgit2 0.24.1:
+ various compatible backported bug fixes
* Wed Mar 16 2016 dimstar@opensuse.org
- Update to version 0.24.0:
+ Custom filters can now be registered with wildcard attributes,
for example filter=*. Consumers should examine the attributes
parameter of the check function for details.
+ Symlinks are now followed when locking a file, which can be
necessary when multiple worktrees share a base repository.
+ You can now set your own user-agent to be sent for HTTP
requests by using the GIT_OPT_SET_USER_AGENT with
git_libgit2_opts().
+ You can set custom HTTP header fields to be sent along with
requests by passing them in the fetch and push options.
+ Tree objects are now assumed to be sorted. If a tree is not
correctly formed, it will give bad results. This is the git
approach and cuts a significant amount of time when reading the
trees.
+ Filter registration is now protected against concurrent
registration.
+ Filenames which are not valid on Windows in an index no longer
cause to fail to parse it on that OS.
+ Rebases can now be performed purely in-memory, without touching
the repository's workdir.
+ When adding objects to the index, or when creating new tree or
commit objects, the inputs are validated to ensure that the
dependent objects exist and are of the correct type. This
object validation can be disabled with the
GIT_OPT_ENABLE_STRICT_OBJECT_CREATION option.
+ The WinHTTP transport's handling of bad credentials now behaves
like the others, asking for credentials again.
+ Various API changes (additions AND removals).
- Rename libgit2-23 subpackage to libgit2-24, following upstraems
soname bump (also in baselibs.conf).
* Mon Nov 30 2015 astieger@suse.com
- libgit2 0.23.4:
* various bug fixes and improvements
- drop upstreamed libgit2-fix-.pc-file.patch
* Wed Oct 07 2015 astieger@suse.com
- libgit2 0.23.3, containing critical fixes:
* blame: guard xdiff calls for large files
* diff: don't feed large files to xdiff
* merge_file: treat large files as binary
* xdiff: convert size variables to size_t
* GITERR_CHECK_ALLOC_ADDn: multi-arg adders
* Thu Sep 10 2015 dimstar@opensuse.org
- Add libgit2-fix-.pc-file.patch: Fix paths written in libgit2.pc.
* Mon Sep 07 2015 astieger@suse.com
- libgit2 0.23.2:
* documentation fixes
* diff: don't error out on an invalid regex
* http: propagate the credentials callback's error code
* Fix bug in git_smart__push: push_transfer_progress cb is never called
* remote: don't confuse tag auto-follow rules with refspec matching
* curl: use the most secure auth method for the proxy
* Forcing libssh2 lib location
* fix duplicate basenames to support older VS
- includes changes from 0.23.1:
* Stage an unregistered submodule in _add_bypath()
* filebuf: remove lockfile upon rename errors
* Increase required version of cmake to 2.8
* Handle ssh:// and git:// urls containing a '~' character.
* documentation updates
* submodule URL handling fixes
* index: allow add_bypath to update submodules
* blob: fail to create a blob from a dir with EDIRECTORY
* submodule: lookup the submodule by path if available
* submdule: reproduce double-reporting of a submodule in foreach
- note cmake requirement and use cmake makros
- build with system libcurl
- build with system http-parser
* Tue Jul 28 2015 dimstar@opensuse.org
- Update to version 0.23.0:
+ Changes or improvements:
- Patience and minimal diff drivers can now be used for merges.
- Merges can now ignore whitespace changes.
- Updated binary identification in CRLF filtering to avoid
false positives in UTF-8 files.
- Rename and copy detection is enabled for small files.
- Checkout can now handle an initial checkout of a repository,
making GIT_CHECKOUT_SAFE_CREATE unnecessary for users of
clone.
- The signature parameter in the ref-modifying functions has
been removed. Use git_repository_set_ident() and
git_repository_ident() to override the signature to be used.
- The local transport now auto-scales the number of threads to
use when creating the packfile instead of sticking to one.
- Reference renaming now uses the right id for the old value.
- The annotated version of branch creation, HEAD detaching and
reset allow for specifying the expression from the user to be
put into the reflog.
- git_rebase_commit now returns GIT_EUNMERGED when you attempt
to commit with unstaged changes.
- On Mac OS X, we now use SecureTransport to provide the
cryptographic support for HTTPS connections insead of
OpenSSL.
- Checkout can now accept an index for the baseline
computations via the baseline_index member.
- The configuration for fetching is no longer stored inside the
git_remote struct but has been moved to a git_fetch_options.
The remote functions now take these options or the callbacks
instead of setting them beforehand.
- git_submodule instances are no longer cached or shared across
lookup. Each submodule represents the configuration at the
time of loading.
- The index now uses diffs for add_all() and update_all() which
gives it a speed boost and closer semantics to git.
- The ssh transport now reports the stderr output from the
server as the error message, which allows you to get the
"repository not found" messages.
- git_index_conflict_add() will remove staged entries that
exist for conflicted paths.
- The flags for a git_diff_file will now have the
GIT_DIFF_FLAG_EXISTS bit set when a file exists on that side
of the diff. This is useful for understanding whether a side
of the diff exists in the presence of a conflict.
- The constructor for a write-stream into the odb now takes
git_off_t instead of size_t for the size of the blob, which
allows putting large files into the odb on 32-bit systems.
- The remote's push and pull URLs now honor the
url.$URL.insteadOf configuration. This allows modifying URL
prefixes to a custom value via gitconfig.
- git_diff_foreach, git_diff_blobs, git_diff_blob_to_buffer,
and git_diff_buffers now accept a new binary callback of type
git_diff_binary_cb that includes the binary diff information.
- The race condition mitigations described in racy-git.txt have
been implemented.
- If libcurl is installed, we will use it to connect to HTTP(S)
servers.
+ Various API changes (incl. breaking changes).
- Rename libgit2-22 subpackage to libgit2-23, following upstreams
soname bump (also in baselibs.conf).
* Tue Jan 27 2015 dimstar@opensuse.org
- Update to version 0.22.1:
+ The following (critical) fixes have been backported to this
maintenance release:
- checkout: introduce git_checkout_perfdata.
- git_path_join_unrooted: return base len.
- checkout: don't recreate previous directory.
- checkout tests: nasty symlinks.
- checkout: drop newline in error message.
- checkout: remove files before writing new ones.
- checkout tests: emulate p_realpath poorly on Win32.
- checkout tests: cleanup realpath impl on Win32.
- Changes from version 0.22.0:
+ git_signature_new() now requires a non-empty email address.
+ Use CommonCrypto libraries for SHA-1 calculation on Mac OS X.
+ Disable SSL compression and SSLv2 and SSLv3 ciphers in favor of
TLSv1 in OpenSSL.
+ The fetch behavior of remotes with autotag set to
GIT_REMOTE_DOWNLOAD_TAGS_ALL has been changed to match git
1.9.0 and later. In this mode, libgit2 now fetches all tags in
addition to whatever else needs to be fetched.
+ git_checkout() now handles case-changing renames correctly on
case-insensitive filesystems; for example renaming "readme" to
"README".
+ The search for libssh2 is now done via pkg-config instead of a
custom search of a few directories.
+ Add support for core.protectHFS and core.protectNTFS. Add more
validation for filenames which we write such as references.
+ The local transport now generates textual progress output like
git-upload-pack does ("counting objects").
+ git_checkout_index() can now check out an in-memory index that
is not necessarily the repository's index, so you may check out
an index that was produced by git_merge and friends while
retaining the cached information.
+ Remove the default timeout for receiving / sending data over
HTTP using the WinHTTP transport layer.
+ Add SPNEGO (Kerberos) authentication using GSSAPI on Unix
systems.
+ Provide built-in objects for the empty blob (e69de29) and empty
tree (4b825dc) objects.
+ The index' tree cache is now filled upon read-tree and
write-tree and the cache is written to disk.
+ LF -> CRLF filter refuses to handle mixed-EOL files.
+ LF -> CRLF filter now runs when * text = auto (with Git for
Windows 1.9.4).
+ File unlocks are atomic again via rename. Read-only files on
Windows are made read-write if necessary.
+ Share open packfiles across repositories to share descriptors
and mmaps.
+ Use a map for the treebuilder, making insertion O(1).
+ The build system now accepts an option EMBED_SSH_PATH which
when set tells it to include a copy of libssh2 at the given
location. This is enabled for MSVC.
+ Add support for refspecs with the asterisk in the middle of a
pattern.
+ Fetching now performs opportunistic updates. To achieve this,
we introduce a difference between active and passive refspecs,
which make git_remote_download() and git_remote_fetch() to take
a list of resfpecs to be the active list, similarly to how git
fetch accepts a list on the command-line.
+ The THREADSAFE option to build libgit2 with threading support
has been flipped to be on by default.
+ The remote object has learnt to prune remote-tracking branches.
If the remote is configured to do so, this will happen via
git_remote_fetch(). You can also call git_remote_prune() after
connecting or fetching to perform the prune.
- Rename libgit2-21 subpackage to libgit2-22, following upstreams
soname bump (also in baselibs.conf).
* Thu Oct 16 2014 hrvoje.senjan@gmail.com
- Add baselibs.conf
/usr/lib/libgit2.so.0.26.8 /usr/lib/libgit2.so.26 /usr/share/doc/packages/libgit2-26 /usr/share/doc/packages/libgit2-26/AUTHORS /usr/share/doc/packages/libgit2-26/README.md /usr/share/licenses/libgit2-26 /usr/share/licenses/libgit2-26/COPYING
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 16:43:41 2024