[Buildroot] [git commit branch/2022.11.x] package/libgit2: security bump to 1.5.1
Peter Korsgaard
peter at korsgaard.com
Sun Feb 5 17:07:09 UTC 2023
commit: https://git.buildroot.net/buildroot/commit/?id=b25f3d1723a35e1dffcfcb0168367697ba20e2b1
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.11.x
Fixes CVE-2023-22742: when compiled with BR2_PACKAGE_LIBSSH2,
libgit2 fails to verify SSH keys by default.
https://github.com/libgit2/libgit2/blob/v1.5.1/docs/changelog.md
Signed-off-by: Nicolas Cavallari <nicolas.cavallari at green-communications.fr>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
(cherry picked from commit cc47da516cf5b76752d63361a8a7579d93e6fbbb)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/libgit2/libgit2.hash | 2 +-
package/libgit2/libgit2.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/libgit2/libgit2.hash b/package/libgit2/libgit2.hash
index fb760fd4cc..e834525df5 100644
--- a/package/libgit2/libgit2.hash
+++ b/package/libgit2/libgit2.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 8de872a0f201b33d9522b817c92e14edb4efad18dae95cf156cf240b2efff93e libgit2-1.5.0.tar.gz
+sha256 7074f1e2697992b82402501182db254fe62d64877b12f6e4c64656516f4cde88 libgit2-1.5.1.tar.gz
sha256 0fc09da43d666b5b0cf5695defc3100d5cf387936b260ebab37e396d7e0dbc83 COPYING
diff --git a/package/libgit2/libgit2.mk b/package/libgit2/libgit2.mk
index 9409011eb4..c962c8030f 100644
--- a/package/libgit2/libgit2.mk
+++ b/package/libgit2/libgit2.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBGIT2_VERSION = 1.5.0
+LIBGIT2_VERSION = 1.5.1
LIBGIT2_SITE = $(call github,libgit2,libgit2,v$(LIBGIT2_VERSION))
LIBGIT2_LICENSE = \
GPL-2.0 with linking exception, \
More information about the buildroot
mailing list