Debian Package Tracker

general

source: libgit2 (main)
version: 0.26.0+dfsg.1-1.2
maintainer: Russell Sim [DMD] [dm]
arch: any
std-ver: 4.1.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-bpo: 0.21.1-3~bpo7+1
oldstable: 0.21.1-3
stable: 0.25.1+really0.24.6-1
testing: 0.26.0+dfsg.1-1.1
unstable: 0.26.0+dfsg.1-1.2
exp: 0.27.0+dfsg.1-0.5

versioned links

0.21.1-3~bpo7+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.21.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.23.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.25.1+really0.24.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.26.0+dfsg.1-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.26.0+dfsg.1-1.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.27.0+dfsg.1-0.3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.27.0+dfsg.1-0.4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.27.0+dfsg.1-0.5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libgit2-26
libgit2-dev

action needed

A new upstream version is available: 0.27.2 high

A new upstream version 0.27.2 is available, you should consider packaging it.

Created: 2018-03-11 Last update: 2018-06-21 14:05

2 security issues in buster high

There are 2 open security issues in buster.

2 important issues:

CVE-2018-8098: Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.
CVE-2018-8099: Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file.

Please fix them.

Created: 2018-03-15 Last update: 2018-06-02 08:03

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2018-8098: Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.
CVE-2018-8099: Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file.

Please fix them.

Created: 2018-03-15 Last update: 2018-06-02 08:03

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2018-05-08 Last update: 2018-06-21 14:02

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2018-03-15 Last update: 2018-06-21 13:40

lintian reports 3 warnings normal

Lintian reports 3 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2017-08-18 Last update: 2018-06-05 07:49

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2018-06-14 Last update: 2018-06-21 14:11

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-8098: Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.
CVE-2018-8099: Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file.

Please fix them.

Created: 2018-03-15 Last update: 2018-06-02 08:03

6 ignored security issues in jessie low

There are 6 open security issues in jessie.

6 issues skipped by the security teams:

CVE-2016-10129: The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
CVE-2016-8569: The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
CVE-2018-8099: Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file.
CVE-2016-8568: The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVE-2018-8098: Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.
CVE-2016-10128: Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.

Please fix them.

Created: 2016-10-08 Last update: 2018-06-02 08:03

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-11-14 Last update: 2017-11-14 07:24

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 4.1.3).

Created: 2017-08-18 Last update: 2018-06-05 01:58

testing migrations

This package will soon be part of the auto-libgit2 transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- 49 days old (5 needed)
- missing build on mipsel: libgit2-26, libgit2-dev (from 0.26.0+dfsg.1-1.1)
- Piuparts tested OK - https://piuparts.debian.org/sid/source/libg/libgit2.html
- autopkgtest for ktexteditor/5.46.0-1: amd64: Pass
- Not considered

news

[rss feed]

[2018-06-04] Accepted libgit2 0.27.0+dfsg.1-0.5 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-05-26] Accepted libgit2 0.27.0+dfsg.1-0.4 (source) into experimental (John Paul Adrian Glaubitz)
[2018-05-26] Accepted libgit2 0.27.0+dfsg.1-0.3 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-05-24] Accepted libgit2 0.27.0+dfsg.1-0.2 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-05-12] Accepted libgit2 0.27.0+dfsg.1-0.1 (source amd64) into experimental, experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-05-02] Accepted libgit2 0.26.0+dfsg.1-1.2 (source) into unstable (Nicolas Braud-Santoni) (signed by: Stefano Rivera)
[2017-09-19] libgit2 0.26.0+dfsg.1-1.1 MIGRATED to testing (Debian testing watch)
[2017-09-14] Accepted libgit2 0.26.0+dfsg.1-1.1 (source) into unstable (Ximin Luo)
[2017-08-17] Accepted libgit2 0.26.0+dfsg.1-1 (amd64 source) into experimental, experimental (Russell Sim) (signed by: Ximin Luo)
[2017-05-28] libgit2 0.25.1+really0.24.6-1 MIGRATED to testing (Debian testing watch)
[2017-05-21] Accepted libgit2 0.25.1+really0.24.6-1 (source amd64) into unstable (Russell Sim)
[2017-05-20] Accepted libgit2 0.25.1-2 (source amd64) into unstable (Russell Sim)
[2017-05-02] Accepted libgit2 0.25.1-1 (source amd64) into experimental, experimental (Russell Sim) (signed by: Ximin Luo)
[2017-01-05] libgit2 0.24.5-1 MIGRATED to testing (Debian testing watch)
[2017-01-02] Accepted libgit2 0.24.5-1 (source amd64) into unstable (Russell Sim)
[2016-11-10] libgit2 0.24.2-2 MIGRATED to testing (Debian testing watch)
[2016-11-04] Accepted libgit2 0.24.2-2 (source amd64) into unstable (Russell Sim)
[2016-10-27] Accepted libgit2 0.24.2-1 (source amd64) into experimental (Russell Sim)
[2016-04-19] libgit2 0.24.1-2 MIGRATED to testing (Debian testing watch)
[2016-04-13] Accepted libgit2 0.24.1-2 (source amd64) into unstable (Andreas Henriksson)
[2016-04-12] Accepted libgit2 0.24.1-1 (source amd64) into experimental (Andreas Henriksson)
[2016-04-11] Accepted libgit2 0.24.0-2 (source amd64) into experimental (Andreas Henriksson)
[2016-04-11] Accepted libgit2 0.24.0-1 (source amd64) into experimental, experimental (Andreas Henriksson)
[2016-03-28] libgit2 0.23.1-1.1 MIGRATED to testing (Debian testing watch)
[2016-03-26] Accepted libgit2 0.23.1-1.1 (source) into unstable (Josh Triplett) (signed by: David Bremner)
[2015-09-14] libgit2 0.23.1-1 MIGRATED to testing (Britney)
[2015-09-08] Accepted libgit2 0.23.1-1 (source amd64) into unstable, unstable (Russell Sim) (signed by: Michael Stapelberg)
[2015-05-31] Accepted libgit2 0.22.2-2 (source) into unstable (Russell Sim) (signed by: Jonathan Wiltshire)
[2015-05-21] Accepted libgit2 0.22.2-1 (source amd64) into unstable, unstable (Russell Sim) (signed by: Michael Stapelberg)
[2015-04-27] libgit2 0.21.3-1.1 MIGRATED to testing (Britney)

bugs [bug history graph]

all: 6
RC: 3
I&N: 3
M&W: 0
F&P: 0

links

homepage
lintian (0, 3)
buildd: logs, exp, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.26.0+dfsg.1-1.2build1
3 bugs