Libgit2 Versions Save

A cross-platform, linkable library implementation of Git that you can use in your application.

v1.4.6

1 year ago

This is a bugfix release to improve the SSH key handling functionality that was introduced in v1.4.5.

  • libgit2 can now read the known_hosts file on Windows.
  • libgit2 will now examine all keys for a particular host in the known_hosts file for matches, to support remote hosts with multiple key types.

All users of the v1.4 release line are recommended to upgrade.

v1.5.1

1 year ago

libgit2, when compiled using the optional, included libssh2 backend, fails to verify SSH keys by default.

Description

When using an SSH remote with the optional, included libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 required the caller to set the certificate_check field of libgit2's git_remote_callbacks structure; if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default, without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack.

Beginning in libgit2 v1.4.5 and v1.5.1, libgit2 will now perform host key checking by default. Users can still override the default behavior using the certificate_check callback.

The libgit2 security team would like to thank the Julia and Rust security teams for responsibly disclosing this vulnerability and assisting with fixing the vulnerability.

Users are encouraged to upgrade to v1.4.5 or v1.5.1.

v1.4.5

1 year ago

libgit2, when compiled using the optional, included libssh2 backend, fails to verify SSH keys by default.

Description

When using an SSH remote with the optional, included libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 required the caller to set the certificate_check field of libgit2's git_remote_callbacks structure; if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default, without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack.

Beginning in libgit2 v1.4.5 and v1.5.1, libgit2 will now perform host key checking by default. Users can still override the default behavior using the certificate_check callback.

The libgit2 security team would like to thank the Julia and Rust security teams for responsibly disclosing this vulnerability and assisting with fixing the vulnerability.

Users are encouraged to upgrade to v1.4.5 or v1.5.1.
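The v1.5.1 and v1.4.5 advisories above describe what a caller had to do before the fix: install a certificate_check callback in git_remote_callbacks, since an unset callback meant no host key validation at all. The following is an added example, not code from libgit2 or its maintainers, of a callback that pins SSH host key fingerprints and never accepts an unverified key; the hostname, the fingerprint bytes and the HAVE_LIBGIT2 build macro are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* One pinned SSH host and the SHA-256 fingerprint of its host key.
 * Constructed sample data: the host and bytes are placeholders, not a real server. */
struct pinned_host { const char *host; uint8_t sha256[32]; };
const struct pinned_host PINS[] = {
    { "git.example.test",
      { 0xa1,0xb2,0xc3,0xd4,0xe5,0xf6,0x07,0x18,0x29,0x3a,0x4b,0x5c,0x6d,0x7e,0x8f,0x90,
        0x01,0x12,0x23,0x34,0x45,0x56,0x67,0x78,0x89,0x9a,0xab,0xbc,0xcd,0xde,0xef,0xf0 } },
};

/* Policy behind the callback. `valid` is the transport's own verdict: libgit2 >= 1.4.5
 * sets it from known_hosts, while older releases always pass 0 for SSH, so it must never
 * be the only check. Returns 0 to allow the connection and -1 to reject it. */
int hostkey_policy(const char *host, int valid, const uint8_t *sha256, size_t len)
{
    size_t i;
    if (host == NULL || sha256 == NULL || len != 32)
        return -1;                                  /* no SHA-256 fingerprint: refuse */
    for (i = 0; i < sizeof PINS / sizeof PINS[0]; i++)
        if (strcmp(PINS[i].host, host) == 0)        /* pinned host: the pin decides */
            return memcmp(PINS[i].sha256, sha256, 32) == 0 ? 0 : -1;
    return valid ? 0 : -1;                          /* unpinned: defer to known_hosts */
}

#ifdef HAVE_LIBGIT2  /* glue for a build that links libgit2 (assumes the 1.x headers) */
#include <git2.h>
int certificate_check(git_cert *cert, int valid, const char *host, void *payload)
{
    const git_cert_hostkey *key = (const git_cert_hostkey *)cert;
    (void)payload;
    if (cert->cert_type != GIT_CERT_HOSTKEY_LIBSSH2)   /* e.g. X.509 over HTTPS: keep */
        return valid ? 0 : GIT_ECERTIFICATE;           /* the transport's own verdict */
    if (!(key->type & GIT_CERT_SSH_SHA256))
        return GIT_ECERTIFICATE;
    return hostkey_policy(host, valid, key->hash_sha256, sizeof key->hash_sha256) == 0
           ? 0 : GIT_ECERTIFICATE;
}
/* Wiring: git_remote_callbacks cb = GIT_REMOTE_CALLBACKS_INIT;
 *         cb.certificate_check = certificate_check;   then pass &cb in fetch/clone options. */
#endif
```

A callback that simply returns 0 would reintroduce the advisory's behaviour on every libgit2 version, which is why the unpinned branch defers to `valid` instead of accepting.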

v1.5.0

1 year ago

This is release v1.5.0, "Stubentiger". This release adds the basis for an experimental CLI, continues preparing for SHA256 support, adds a benchmarking utility, and has numerous new features and bugfixes.

What's Changed

New features

Bug fixes

Security fixes

Code cleanups

Build and CI improvements

Documentation improvements

New Contributors

Full Changelog: https://github.com/libgit2/libgit2/compare/v1.4.0...v1.5.0

v1.4.4

1 year ago

🔒 This is a security release with multiple changes.

  • This provides compatibility with git's changes to address CVE 2022-29187. As a follow-up to CVE 2022-24765, now not only is the working directory of a non-bare repository examined for its ownership, but the .git directory and the .git file (if present) are also examined for their ownership.

  • A fix for compatibility with git's (new) behavior for CVE 2022-24765 allows users on POSIX systems to access a git repository that is owned by them when they are running under sudo.

  • A fix for further compatibility with git's (existing) behavior for CVE 2022-24765 allows users on Windows to access a git repository that is owned by the Administrator when running with escalated privileges (using runas Administrator).

  • The bundled zlib is updated to v1.2.12, as prior versions had memory corruption bugs. No security vulnerability in libgit2 arising from these bugs is known, but we are updating out of caution.

All users of the v1.4 release line are recommended to upgrade.

v1.3.2

1 year ago

🔒 This is a security release with multiple changes.

  • This provides compatibility with git's changes to address CVE 2022-29187. As a follow-up to CVE 2022-24765, now not only is the working directory of a non-bare repository examined for its ownership, but the .git directory and the .git file (if present) are also examined for their ownership.

  • A fix for compatibility with git's (new) behavior for CVE 2022-24765 allows users on POSIX systems to access a git repository that is owned by them when they are running under sudo.

  • A fix for further compatibility with git's (existing) behavior for CVE 2022-24765 allows users on Windows to access a git repository that is owned by the Administrator when running with escalated privileges (using runas Administrator).

  • The bundled zlib is updated to v1.2.12, as prior versions had memory corruption bugs. No security vulnerability in libgit2 arising from these bugs is known, but we are updating out of caution.

All users of the v1.3 release line are recommended to upgrade.

v1.4.3

2 years ago

🔒 This is a security release to provide compatibility with git's changes to address CVE 2022-24765.

libgit2 is not directly affected by this vulnerability, because libgit2 does not directly invoke any executable. But we are providing these changes as a security release for any users that use libgit2 for repository discovery and then also use git on that repository. In this release, we will now validate that the user opening the repository is the same user that owns the on-disk repository. This is to match git's behavior.

In addition, we are providing several correctness fixes where invalid input can lead to a crash. These may prevent possible denial of service attacks. At this time there are no known exploits for these issues.

Full list of changes:

All users of the v1.4 release line are recommended to upgrade.

Full Changelog: https://github.com/libgit2/libgit2/compare/v1.4.2...v1.4.3

v1.3.1

2 years ago

🔒 This is a security release to provide compatibility with git's changes to address CVE 2022-24765.

libgit2 is not directly affected by this vulnerability, because libgit2 does not directly invoke any executable. But we are providing these changes as a security release for any users that use libgit2 for repository discovery and then also use git on that repository. In this release, we will now validate that the user opening the repository is the same user that owns the on-disk repository. This is to match git's behavior.

In addition, we are providing several correctness fixes where invalid input can lead to a crash. These may prevent possible denial of service attacks. At this time there are no known exploits for these issues.

Full list of changes:

All users of the v1.3 release line are recommended to upgrade.
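The ownership validation described in the v1.4.3 and v1.3.1 notes above, together with the .git-directory and sudo handling from the v1.4.4 and v1.3.2 notes, as an added illustration in C (not libgit2's own implementation): every path that makes up a non-bare repository must be owned by the effective user, or by the SUDO_UID user when the process runs as root under sudo. The function names and the strict SUDO_UID parsing rule are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Does the uid owning a path count as "the current user"? `euid` is the effective uid
 * of the process and `sudo_uid` the SUDO_UID environment value (NULL when not under
 * sudo). Illustrates the rule described in the release notes; not libgit2's own code. */
int owner_is_current_user(uid_t owner, uid_t euid, const char *sudo_uid)
{
    char *end = NULL;
    unsigned long parsed;
    if (owner == euid)
        return 1;
    /* Under sudo, root acts on behalf of the invoking user: accept a repository
     * owned by that user, but only if SUDO_UID is a complete, well-formed number. */
    if (euid != 0 || sudo_uid == NULL || *sudo_uid == '\0')
        return 0;
    errno = 0;
    parsed = strtoul(sudo_uid, &end, 10);
    return errno == 0 && *end == '\0' && parsed == (unsigned long)owner;
}

/* Check one on-disk path against the process identity: 1 = owned by the current
 * user, 0 = owned by someone else, -1 = path missing or unreadable. */
int path_is_owned_by_current_user(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0)
        return -1;
    return owner_is_current_user(st.st_uid, geteuid(), getenv("SUDO_UID"));
}

/* Discovery check for a non-bare repository: the working directory and the .git
 * entry inside it (a directory, or the .git file of a worktree) must both be owned
 * by the current user. Returns 1 when safe to open, 0 otherwise. */
int repository_is_safe(const char *workdir)
{
    char gitpath[4096];
    if (path_is_owned_by_current_user(workdir) != 1)
        return 0;
    if (snprintf(gitpath, sizeof gitpath, "%s/.git", workdir) >= (int)sizeof gitpath)
        return 0;
    return path_is_owned_by_current_user(gitpath) == 1;   /* missing .git: not a repo */
}
```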

v1.4.2

2 years ago

🐞 This is a bugfix release with the following changes:

All users of the v1.4 release line are recommended to upgrade.

v1.4.1

2 years ago

🐞 This is a bugfix release with the following changes:

All users of the v1.4 release line are recommended to upgrade.

Full Changelog: https://github.com/libgit2/libgit2/compare/v1.4.0...v1.4.1