UbuntuUpdates.org

Package "libgit2"

Name: libgit2

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • low-level Git library
  • libgit2 library and debugging symbols
  • low-level Git library (development files)
Latest version: 0.19.0-2ubuntu0.4
Release: trusty (14.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "libgit2" in Trusty

Repository Area Version
updates universe 0.19.0-2ubuntu0.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.19.0-2ubuntu0.4 2018-09-13 17:06:40 UTC

  libgit2 (0.19.0-2ubuntu0.4) trusty-security; urgency=medium

  * SECURITY UPDATE: Out of bounds read
    - debian/patches/CVE-2018-10887-1.patch: delta: Fix sign-extension of big
      left-shift
    - debian/patches/CVE-2018-10887-2.patch: delta: fix overflow when
      computing limit
    - debian/patches/CVE-2018-10888.patch fix out-of-bounds read of delta
    - debian/patches/fix-umask-fragility.patch: Fix umask issues in unit tests
      so that build can complete successfully. (needed to successfully build)
    - debian/patches/pool_alloc_sizes.patch: Round up pool alloc sizes for
      alignment (needed to successfully build on armhf)
    - CVE-2018-10887, CVE-2018-10888

 -- Mike Salvatore <email address hidden> Wed, 05 Sep 2018 12:52:25 -0400
CVE-2018-10887 A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c fi
CVE-2018-10888 A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read whil


About   -   Send Feedback to @ubuntu_updates