diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/patches/libgit2-use-after-free.patch | 24 | ||||
-rw-r--r-- | gnu/packages/version-control.scm | 7 |
3 files changed, 3 insertions, 29 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index ff47777650..3fb8f168de 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -756,7 +756,6 @@ dist_patch_DATA = \ %D%/packages/patches/libgit2-0.25.1-mtime-0.patch \ %D%/packages/patches/libgdata-fix-tests.patch \ %D%/packages/patches/libgdata-glib-duplicate-tests.patch \ - %D%/packages/patches/libgit2-use-after-free.patch \ %D%/packages/patches/libjxr-fix-function-signature.patch \ %D%/packages/patches/libjxr-fix-typos.patch \ %D%/packages/patches/liboop-mips64-deplibs-fix.patch \ diff --git a/gnu/packages/patches/libgit2-use-after-free.patch b/gnu/packages/patches/libgit2-use-after-free.patch deleted file mode 100644 index 580af8781a..0000000000 --- a/gnu/packages/patches/libgit2-use-after-free.patch +++ /dev/null @@ -1,24 +0,0 @@ -This patch is taken from <https://github.com/libgit2/libgit2/pull/4122>; -we need it to fix the use-after-free error in 'git_commit_extract_signature' -reported at <https://github.com/libgit2/libgit2/issues/4118>. - -From ade0d9c658fdfc68d8046935f6908f033fe7a529 Mon Sep 17 00:00:00 2001 -From: Patrick Steinhardt <ps@pks.im> -Date: Mon, 13 Feb 2017 13:46:17 +0100 -Subject: [PATCH 3/3] commit: avoid possible use-after-free - -diff --git a/src/commit.c b/src/commit.c -index 89a4db1..05b70a9 100644 ---- a/src/commit.c -+++ b/src/commit.c -@@ -766,8 +766,9 @@ int git_commit_extract_signature(git_buf *signature, git_buf *signed_data, git_r - if (git_buf_oom(signature)) - goto oom; - -+ error = git_buf_puts(signed_data, eol+1); - git_odb_object_free(obj); -- return git_buf_puts(signed_data, eol+1); -+ return error; - } - - giterr_set(GITERR_OBJECT, "this commit is not signed"); diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index 2e17201a5f..fbaf8f2f29 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -334,7 +334,7 @@ everything from small to very large projects with speed and efficiency.") (define-public libgit2 (package (name "libgit2") - (version "0.25.1") + (version "0.26.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/libgit2/libgit2/" @@ -342,9 +342,8 @@ everything from small to very large projects with speed and efficiency.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1cdwcw38frc1wf28x5ppddazv9hywc718j92f3xa3ybzzycyds3s")) - (patches (search-patches "libgit2-use-after-free.patch" - "libgit2-0.25.1-mtime-0.patch")))) + "1fdk9yhwvl1w1z71ykzcvgh4nsf8scxcbclz5anh98zpplmhmisa")) + (patches (search-patches "libgit2-0.25.1-mtime-0.patch")))) (build-system cmake-build-system) (arguments `(#:phases |