On Wed, Jun 01, 2016 at 01:39:01PM +0900, Jason A. Donenfeld wrote:
> Does that vuln apply to our usage of libgit?
Yes, I think CVE-2016-2315 affects anything that uses libgit's tree
reading code.
___
CGit mailing list
CGit@lists.zx2c4.com
Does that vuln apply to our usage of libgit?
___
CGit mailing list
CGit@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/cgit
On Fri, Mar 18, 2016 at 11:21:56PM +0100, Jason A. Donenfeld wrote:
> Yes, I'll try to get that done this weekend.
Any chance you could tag a new release in June? The latest cgit
release (0.12) still contains a git version (2.7.0) with known
security vulnerabilities.
Thanks,
Peter
From: Christian Hesse
Update to git version v2.7.4, no changes required.
Signed-off-by: Christian Hesse
---
Makefile | 2 +-
git | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index c01701c..87d82b6 100644
---