libgit2-devel-0.28.4-90.1.x86_64.rpm


Advertisement

Description

libgit2-devel - C git library

Property Value
Distribution openSUSE Tumbleweed
Repository GNOME Factory x86_64 + i586
Package filename libgit2-devel-0.28.4-90.1.x86_64.rpm
Package name libgit2-devel
Package version 0.28.4
Package release 90.1
Package architecture x86_64
Package type rpm
Category Development/Libraries/C and C++
Homepage https://libgit2.github.com/
License GPL-2.0 WITH GCC-exception-2.0
Maintainer -
Download size 196.40 KB
Installed size 828.90 KB
This package contains all necessary include files and libraries needed
to compile and develop applications that use libgit2.

Alternatives

Package Version Architecture Repository
libgit2-devel-0.28.4-117.8.i586.rpm 0.28.4 i586 GNOME Next
libgit2-devel-0.28.4-117.8.x86_64.rpm 0.28.4 x86_64 GNOME Next
libgit2-devel-0.28.4-91.8.i586.rpm 0.28.4 i586 GNOME Factory
libgit2-devel-0.28.4-1.1.i586.rpm 0.28.4 i586 openSUSE Oss
libgit2-devel-0.28.4-1.1.x86_64.rpm 0.28.4 x86_64 openSUSE Oss
libgit2-devel - - -

Requires

Name Value
/usr/bin/pkg-config -
libgit2-28 >= 0.28.4
pkgconfig(openssl) -
pkgconfig(zlib) -

Provides

Name Value
libgit2-devel = 0.28.4-90.1
libgit2-devel(x86-64) = 0.28.4-90.1
pkgconfig(libgit2) = 0.28.4

Download

Type URL
Mirror widehat.opensuse.org
Binary Package libgit2-devel-0.28.4-90.1.x86_64.rpm
Source Package libgit2-0.28.4-90.1.src.rpm

Install Howto

  1. Add the GNOME Factory repository:
    # zypper addrepo http://widehat.opensuse.org/repositories/GNOME:/Factory/openSUSE_Factory/ gnome-factory
  2. Install libgit2-devel rpm package:
    # zypper install libgit2-devel

Files

Path
/usr/include/git2.h
/usr/include/git2/annotated_commit.h
/usr/include/git2/apply.h
/usr/include/git2/attr.h
/usr/include/git2/blame.h
/usr/include/git2/blob.h
/usr/include/git2/branch.h
/usr/include/git2/buffer.h
/usr/include/git2/checkout.h
/usr/include/git2/cherrypick.h
/usr/include/git2/clone.h
/usr/include/git2/commit.h
/usr/include/git2/common.h
/usr/include/git2/config.h
/usr/include/git2/cred_helpers.h
/usr/include/git2/deprecated.h
/usr/include/git2/describe.h
/usr/include/git2/diff.h
/usr/include/git2/errors.h
/usr/include/git2/filter.h
/usr/include/git2/global.h
/usr/include/git2/graph.h
/usr/include/git2/ignore.h
/usr/include/git2/index.h
/usr/include/git2/indexer.h
/usr/include/git2/inttypes.h
/usr/include/git2/mailmap.h
/usr/include/git2/merge.h
/usr/include/git2/message.h
/usr/include/git2/net.h
/usr/include/git2/notes.h
/usr/include/git2/object.h
/usr/include/git2/odb.h
/usr/include/git2/odb_backend.h
/usr/include/git2/oid.h
/usr/include/git2/oidarray.h
/usr/include/git2/pack.h
/usr/include/git2/patch.h
/usr/include/git2/pathspec.h
/usr/include/git2/proxy.h
/usr/include/git2/rebase.h
/usr/include/git2/refdb.h
/usr/include/git2/reflog.h
/usr/include/git2/refs.h
/usr/include/git2/refspec.h
/usr/include/git2/remote.h
/usr/include/git2/repository.h
/usr/include/git2/reset.h
/usr/include/git2/revert.h
/usr/include/git2/revparse.h
/usr/include/git2/revwalk.h
/usr/include/git2/signature.h
/usr/include/git2/stash.h
/usr/include/git2/status.h
/usr/include/git2/stdint.h
/usr/include/git2/strarray.h
/usr/include/git2/submodule.h
/usr/include/git2/tag.h
/usr/include/git2/trace.h
/usr/include/git2/transaction.h
/usr/include/git2/transport.h
/usr/include/git2/tree.h
/usr/include/git2/types.h
/usr/include/git2/version.h
/usr/include/git2/worktree.h
/usr/include/git2/sys/alloc.h
/usr/include/git2/sys/commit.h
/usr/include/git2/sys/config.h
/usr/include/git2/sys/diff.h
/usr/include/git2/sys/filter.h
/usr/include/git2/sys/hashsig.h
/usr/include/git2/sys/index.h
/usr/include/git2/sys/mempack.h
/usr/include/git2/sys/merge.h
/usr/include/git2/sys/odb_backend.h
/usr/include/git2/sys/openssl.h
/usr/include/git2/sys/path.h
/usr/include/git2/sys/refdb_backend.h
/usr/include/git2/sys/reflog.h
/usr/include/git2/sys/refs.h
/usr/include/git2/sys/repository.h
/usr/include/git2/sys/stream.h
/usr/include/git2/sys/time.h
/usr/include/git2/sys/transport.h
/usr/lib64/libgit2.so
/usr/lib64/pkgconfig/libgit2.pc
/usr/share/doc/packages/libgit2-devel/
/usr/share/doc/packages/libgit2-devel/examples/CMakeLists.txt
/usr/share/doc/packages/libgit2-devel/examples/COPYING
/usr/share/doc/packages/libgit2-devel/examples/README.md
/usr/share/doc/packages/libgit2-devel/examples/add.c
/usr/share/doc/packages/libgit2-devel/examples/blame.c
/usr/share/doc/packages/libgit2-devel/examples/cat-file.c
/usr/share/doc/packages/libgit2-devel/examples/checkout.c
/usr/share/doc/packages/libgit2-devel/examples/common.c
/usr/share/doc/packages/libgit2-devel/examples/common.h
/usr/share/doc/packages/libgit2-devel/examples/describe.c
/usr/share/doc/packages/libgit2-devel/examples/diff.c
/usr/share/doc/packages/libgit2-devel/examples/for-each-ref.c
/usr/share/doc/packages/libgit2-devel/examples/general.c
/usr/share/doc/packages/libgit2-devel/examples/init.c
/usr/share/doc/packages/libgit2-devel/examples/log.c
/usr/share/doc/packages/libgit2-devel/examples/ls-files.c
/usr/share/doc/packages/libgit2-devel/examples/merge.c
/usr/share/doc/packages/libgit2-devel/examples/remote.c
/usr/share/doc/packages/libgit2-devel/examples/rev-list.c
/usr/share/doc/packages/libgit2-devel/examples/rev-parse.c
/usr/share/doc/packages/libgit2-devel/examples/showindex.c
/usr/share/doc/packages/libgit2-devel/examples/status.c
/usr/share/doc/packages/libgit2-devel/examples/tag.c
/usr/share/doc/packages/libgit2-devel/examples/network/Makefile
/usr/share/doc/packages/libgit2-devel/examples/network/clone.c
/usr/share/doc/packages/libgit2-devel/examples/network/common.c
/usr/share/doc/packages/libgit2-devel/examples/network/common.h
/usr/share/doc/packages/libgit2-devel/examples/network/fetch.c
/usr/share/doc/packages/libgit2-devel/examples/network/git2.c
/usr/share/doc/packages/libgit2-devel/examples/network/index-pack.c
/usr/share/doc/packages/libgit2-devel/examples/network/ls-remote.c
/usr/share/doc/packages/libgit2-devel/examples/test/test-rev-list.sh

Changelog

2019-12-11 - Andreas Stieger <andreas.stieger@gmx.de>
- libgit2 0.28.4:
* CVE-2019-1348: the fast-import stream command "feature
export-marks=path" allows writing to arbitrary file paths. As
libgit2 does not offer any interface for fast-import, it is not
susceptible to this vulnerability. (boo#1158785)
* CVE-2019-1349: by using NTFS 8.3 short names, backslashes or
alternate filesystreams, it is possible to cause submodules to
be written into pre-existing directories during a recursive
clone using git. As libgit2 rejects cloning into non-empty
directories by default, it is not susceptible to this
vulnerability. (boo#1158787)
* CVE-2019-1350: recursive clones may lead to arbitrary remote
code executing due to improper quoting of command line
arguments. As libgit2 uses libssh2, which does not require us
to perform command line parsing, it is not susceptible to this
vulnerability. (boo#1158788)
* CVE-2019-1351: Windows provides the ability to substitute
drive letters with arbitrary letters, including multi-byte
Unicode letters. To fix any potential issues arising from
interpreting such paths as relative paths, we have extended
detection of DOS drive prefixes to accomodate for such cases.
(boo#1158790)
* CVE-2019-1352: by using NTFS-style alternative file streams for
the ".git" directory, it is possible to overwrite parts of the
repository. While this has been fixed in the past for Windows,
the same vulnerability may also exist on other systems that
write to NTFS filesystems. We now reject any paths starting
with ".git:" on all systems. (boo#1158790)
* CVE-2019-1353: by using NTFS-style 8.3 short names, it was
possible to write to the ".git" directory and thus overwrite
parts of the repository, leading to possible remote code
execution. While this problem was already fixed in the past for
Windows, other systems accessing NTFS filesystems are
vulnerable to this issue too. We now enable NTFS protecions by
default on all systems to fix this attack vector. (boo#1158791)
* CVE-2019-1354: on Windows, backslashes are not a valid part of
a filename but are instead interpreted as directory separators.
As other platforms allowed to use such paths, it was possible
to write such invalid entries into a Git repository and was
thus an attack vector to write into the ".git" dierctory. We
now reject any entries starting with ".git" on all systems.
(boo#1158792)
* CVE-2019-1387: it is possible to let a submodule's git
directory point into a sibling's submodule directory, which may
result in overwriting parts of the Git repository and thus lead
to arbitrary command execution. As libgit2 doesn't provide any
way to do submodule clones natively, it is not susceptible to
this vulnerability. Users of libgit2 that have implemented
recursive submodule clones manually are encouraged to review
their implementation for this vulnerability. (boo#1158793)
2019-12-11 - Andreas Stieger <andreas.stieger@gmx.de>
- libgit2 0.28.3:
* A carefully constructed commit object with a very large number
of parents may have lead to out-of-bounds writes or potential
denial of service (boo#1158981)

See Also

Package Description
libgit2-glib-1_0-0-0.28.0.1-68.12.x86_64.rpm GLib wrapper library around libgit2
libgit2-glib-1_0-0-0.28.0.1-68.16.i586.rpm GLib wrapper library around libgit2
libgit2-glib-devel-0.28.0.1-68.12.x86_64.rpm Development files for libgit2-glib, a GLib wrapper library around libgit2
libgit2-glib-devel-0.28.0.1-68.16.i586.rpm Development files for libgit2-glib, a GLib wrapper library around libgit2
libgitg-1_0-0-3.32.1-65.14.x86_64.rpm Git repository viewer -- Library
libgitg-1_0-0-3.32.1-68.2.i586.rpm Git repository viewer -- Library
libgitg-devel-3.32.1-65.14.x86_64.rpm Git repository viewer -- Development Files
libgitg-devel-3.32.1-68.2.i586.rpm Git repository viewer -- Development Files
libgitg-ext-1_0-0-3.32.1-65.14.x86_64.rpm Git repository viewer -- Library
libgitg-ext-1_0-0-3.32.1-68.2.i586.rpm Git repository viewer -- Library
libgjs-devel-1.58.3-181.1.x86_64.rpm Development files for the GJS library
libgjs-devel-1.58.4-182.5.i586.rpm Development files for the GJS library
libgjs0-1.58.3-181.1.x86_64.rpm JavaScript bindings based on gobject-introspection and Mozilla
libgjs0-1.58.4-182.5.i586.rpm JavaScript bindings based on gobject-introspection and Mozilla
libglade-2_0-0-2.6.4-38.24.x86_64.rpm Glade Library Compatible with the GNOME 2.x Desktop Platform
Advertisement
Advertisement