Information on source package libgit2

Available versions

ReleaseVersion
jessie0.21.1-3
jessie (security)0.21.1-3+deb8u1
stretch0.25.1+really0.24.6-1
buster0.27.7+dfsg.1-0.2
bullseye0.28.3+dfsg.1-1
sid0.28.3+dfsg.1-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2018-8099vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIncorrect returning of an error code in the index.c:read_entry() funct ...
CVE-2018-8098vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedInteger overflow in the index.c:read_entry() function while decompress ...
CVE-2018-15501fixedvulnerable (no DSA)fixedfixedfixedIn ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27. ...
CVE-2018-10888fixedvulnerable (no DSA)fixedfixedfixedA flaw was found in libgit2 before version 0.27.3. A missing check in ...
CVE-2018-10887fixedvulnerable (no DSA)fixedfixedfixedA flaw was found in libgit2 before version 0.27.3. It has been discove ...
CVE-2016-8569vulnerable (no DSA)fixedfixedfixedfixedThe git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows ...
CVE-2016-8568vulnerable (no DSA)fixedfixedfixedfixedThe git_commit_message function in oid.c in libgit2 before 0.24.3 allo ...
CVE-2016-10129vulnerable (no DSA)fixedfixedfixedfixedThe Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x bef ...
CVE-2016-10128vulnerable (no DSA)fixedfixedfixedfixedBuffer overflow in the git_pkt_parse_line function in transports/smart ...

Resolved issues

BugDescription
CVE-2016-10130The http_connect function in transports/http.c in libgit2 before 0.24. ...
CVE-2014-9390arbitrary command execution vulnerability on case-insensitive file systems

Security announcements

DSA / DLADescription
DLA-1477-1libgit2 - security update

Search for package or bug name: Reporting problems