SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libgit2-1_8-1.8.1-1.1.x86_64.rpm :

* Fri May 17 2024 Dirk Müller - update to 1.8.1:
* In v1.8, libgit2 introduced the `report_unchanged ` member in the `git_fetch_options` structure. We mistakenly introduced this as a bitfield, which is not suitable for our public API. To correct this mistake, we have _removed_ the `report_unchanged ` member. To support the report unchanged tips option, users can set the `update_fetchhead` member to include the `GIT_REMOTE_UPDATE_REPORT_UNCHANGED` value.
* The libgit2 projects regrets the API change, but this was required to support cross-platform compatibility.
* commit: Fix git_commit_create_from_stage without author and
* committer
* process.c: fix environ
* Bounds check for pack index read
* transport: provide a useful error message during cancellation
* transport: support sha256 oids
* Revparse: Correctly accept ref with \'AATT\' at the end
* remote: drop bitfields in git_remote_fetch_options
* examples: fix memory leak in for-each-ref.c
* xdiff: use proper free function
* rand: avoid uninitialized loadavg warnings
* cli: include alloca on illumos / solaris / sunos
* Update git_array allocator to obey strict aliasing rules
* tree: avoid mixed signedness comparison by AATTethomson in
* Sun Mar 24 2024 Andreas Stieger - update to 1.8.0:
* Simplified commit creation (git_commit_create_from_stage)
* Worktree improvements for better compatibility with core git
* ABI breaking channge: Add WORKTREE configuration level. GIT_CONFIG_LEVEL_WORKTREE level t priority 6, GIT_CONFIG_LEVEL_APP now begins at priority 7.
* ABI breaking change: git_config_entry structure change
* ABI breaking change: git_push_options includes remote push options- the optional, experimental support for invoking OpenSSH remains disabled in this package
* Wed Feb 07 2024 Andreas Stieger - update to 1.7.2:
* CVE-2024-24575: infinite loop condition given specially crafted inputs (boo#1219664)
* CVE-2024-24577: arbitrary code execution due to heap corruption in git_index_add (boo#1219660)
* Fix a bug in the smart transport negotiation could have caused an out-of-bounds read when a remote server did not advertise capabilities.
* Tue Aug 15 2023 Andreas Stieger - update to 1.7.1:
* proxy: Return an error for invalid proxy URLs instead of crashing
* ssh: fix known_hosts leak in _git_ssh_setup_conn
* repository: make cleanup safe for re-use with grafts
* fix: Add missing include for oidarray
* Revert \"CMake: Search for ssh2 instead of libssh2.\"
* Wed Jul 19 2023 Andreas Stieger - update to 1.7.0:
* supports shallow clone and shallow repositories
* Simplify custom pluggable allocator (breaking change)
* repo: honor environment variables for more scenarios
* Introduce timeouts on sockets
* some performance improvements and bug fixes
* Wed Apr 12 2023 Andreas Stieger - Update to 1.6.4:
* config: return GIT_ENOTFOUND for missing programdata- move experimental cli into libgit2-tools as intended
* Tue Mar 21 2023 Paolo Stivanin - Update to 1.6.3:
* odb: restore git_odb_open by AATTethomson in #6520
* Ensure that git_index_add_all handles ignored directories by AATTethomson in #6521
* pack: use 64 bits for the number of objects by AATTcarlosmn in #6530- Drop restore-git-odb-open.patch
* Tue Mar 21 2023 Daniel Garcia - Add restore-git-odb-open.patch, some code was removed by error upstream and they fix it after the release. gh#libgit2/libgit2AATTe1e0d77c6f15
* Tue Mar 07 2023 Andreas Stieger - libgit2 1.6.2:
* Support the notion of a home directory separately from global configuration directory
* stash: partial stash specific files
* push: revpars refspec source, so user can push things that are not refs
* Support OpenSSL 3
* Many bug fixes- Not enabled: experimental SHA256 support for bare repositories
* Sun Feb 26 2023 Andreas Stieger - update to 1.5.2:
* Improve SSH key handling functionality: examine all keys in known_hosts files for matches, to support remote hosts with multiple key types
* Sat Jan 21 2023 Dirk Müller - update to 1.5.1:
* This is a security release to address CVE-2023-22742: when compiled using the optional, included libssh2 backend, libgit2 fails to verify SSH keys by default. boo#1207364
* When using an SSH remote with the optional, included libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2\'s `git_remote_callbacks` structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack.
* Wed Dec 21 2022 Dominique Leuenberger - Drop baselibs.conf: there is no known consumer of the -32bit package.
* Thu Jul 14 2022 Andreas Stieger - update to 1.5.0:
* add the basis for an experimental CLI
* continue prepare for SHA256 support
* add a benchmarking utility
* Tue Jul 12 2022 Andreas Stieger - update to 1.4.4 (bsc#1198234)
* Compatibility with git\'s changes to address CVE-2022-29187. As a follow up to CVE 2022-24765, now not only is the working directory of a non-bare repository examined for its ownership, but the .git directory and the .git file (if present) are also examined for their ownership [boo#1201431]
* A fix for compatibility with git\'s (new) behavior for CVE 2022-24765 allows users on POSIX systems to access a git repository that is owned by them when they are running in sudo- enable reproducible builds
* Wed Apr 13 2022 Andreas Stieger - update to 1.4.3:
* compatibility with git\'s changes for CVE-2022-24765 boo#1187234
* several correctness fixes where invalid input can lead to a crash and denial of service
* Thu Mar 17 2022 Andreas Stieger - update to 1.4.2:
* remote: do store the update_tips callback error value
* Sat Feb 19 2022 Andreas Stieger - update to 1.4.1:
* improve compatibility with git
* some deprecated API, ABI has changed
* multiple bug fixes and developer visible changes- build with system PCRE2- remove http-parser build dependency, bundled lib has fixes
* Wed Oct 20 2021 Matej Cepl - Update to 1.3.0: - This release includes only minor new features that will be helpful for users to have an orderly transition to the v2.0 lineage. - Complete list is available on https://github.com/libgit2/libgit2/blob/main/docs/changelog.md#v13
* Thu Sep 02 2021 Andreas Stieger - update to 1.2.0:
* Add support for commit graphs
* Add support for multi-pack indexes
* And core.longpaths support
* Add support for additional SSH hostkey types
* Add NO_PROXY environment variable support
* Developer visible changes and bug fixes
* Fri Jul 16 2021 Dirk Müller - update to 1.1.1:
* Fixes a bug where decompressing packfiles could fail in rare instances.
* Ensure worktree paths are validated in more cases.
* Builds without thread-safety (`THREADSAFE=OFF`) are supported again.
* Builds without mmap (`NO_MMAP`) are supported again.
* mbedTLS is supported in non-default locations.
* Malformed branch names or missing branches on remotes are ignored.
* Use compiler intrinsics to detect arithmetic overflows in more cases.
* The configuration cache functions properly on systems with strict alignment.
* A missing options initializer function (`git_blob_filter_options_init`) was added for `git_blob_filter_options`.
* Several documentation fixes.
  
ICM