Git + .NET = ❤
This is a security release fixing a number of possible security issues, including hardened submodule validation to help protect against CVE-2018-17456, and a number of possible errors found by fuzzing the libgit2 native library.
This release includes libgit2 v0.27.5.
This release includes all the changes from the previous v0.25.1 release, and correctly updates the version number to v0.25.2.
The prior release, v0.25.1, would incorrectly claim that it was a v0.25.0 prerelease when queried for its version. v0.25.1 was not available as a NuGet package for this reason.
There are no changes from v0.25.1 other than the version number update.
This is a security release that fixes insufficient validation of submodule names (CVE-2018-11235, reported by Etienne Stalmans) and disallows .gitmodules files as symlinks. This includes libgit2 v0.27.1, whose release notes follow.
While submodule names come from the untrusted .gitmodules file, we blindly append the name to $GIT_DIR/modules to construct the final path of the submodule repository. In case the name contains e.g. ../, an adversary would be able to escape your repository and write data at arbitrary paths. In accordance with git, we now enforce some rules for submodule names which will cause libgit2 to ignore these malicious names.
Adding a symlink as .gitmodules into the index from the workdir or checking out such files is not allowed as this can make a Git implementation write outside of the repository and bypass the fsck checks for CVE-2018-11235.
libgit2 (and LibGit2Sharp) are not susceptible to CVE-2018-11233.
LibGit2Sharp is now .NET Core 2.0+ and .NET Framework compatible.
GitObject now has a Peel method that will let you peel (for example) a Tag to a Tree.
MergeOptions now includes an option to IgnoreWhitespaceChanges.
TreeDefinition can now Add an object with only the ID, which allows users of large files to add entries without realizing a Blob.
ObjectDatabase can now Write a Stream, which allows users of large files to stream an object into storage without loading it into memory.
ObjectDatabase can now MergeCommitsIntoIndex allowing users to perform an in-memory merge that produces an Index structure with conflicts.
GlobalSettings.SetEnableStrictObjectCreation
ofs_delta support with GlobalSettings.SetEnableOfsDelta
StatusOptions.IncludeUntracked and/or the StatusOptions.RecurseUntrackedDirs options.
StatusOptions.IncludeIgnored option.
Commands.Pull can now provide a null value for PullOptions, which indicates that default values should be used.
Notes collection from a Repository no longer throws an exception when the repository has no notes.
This is a security release fixing two issues. It updates libgit2's included zlib to 1.2.11, and includes a libgit2 fix for memory handling issues when reading crafted repository index files.
This is the last release before moving to a .NET Core compatible library.
It will be the last supported release with the prior architecture; as a result, this release is primarily bugfixes and does not include major new APIs.
This is a security release fixing two issues. The first one performs extra sanitization for some edge cases in the Git Smart Protocol which can lead to attempting to parse outside of the buffer.
The second fix affects the certificate check callback. It provides a valid parameter to indicate whether the native cryptographic library considered the certificate to be correct. Before this fix, this parameter was always 1/true, leading to a possible MITM.
This does not affect you if you do not use the custom certificate callback or if you do not take this value into account.
A list of commits since the last release follows
6edb028 Update changelog for 0.22.1
8c1ba0b Update version to 0.22
ec52bb5 Update to libgit2 921e3a6
This is a security release fixing two issues. The first one performs extra sanitization for some edge cases in the Git Smart Protocol which can lead to attempting to parse outside of the buffer.
The second fix affects the certificate check callback. It provides a valid parameter to indicate whether the native cryptographic library considered the certificate to be correct. Before this fix, this parameter was always 1/true, leading to a possible MITM.
This does not affect you if you do not use the custom certificate callback or if you do not take this value into account.
A list of commits since the last release follows
82d621c Merge pull request #1402 from libgit2/ethomson/0_23_1
097036d Update change log for 0.23.1
7f259c8 Update version number to 0.23.1
595938e Update LibGit2Sharp.NativeBinaries to 1.0.164
CherryPickCommit and RevertCommit to ObjectDatabase.
IncludeIgnored field to StatusOptions.
Commit.CreateBuffer to write a commit object to a buffer and ObjectDatabase.CreateCommitWithSignature to create commits which include a signature.
Commit.ExtractSignature to get a commit's signature.
ObjectDatabase.Write<T> to write arbitrary objects to the object db.
Commit.PrettifyMessage
lib directory, instead of NativeBinaries for improved mono compatibility. In addition, the names of platform architectures now better reflect the vendor naming (e.g., x86_64 instead of amd64 on Linux).
QueryBy overload with FollowFilter.
Branch.Remote in favour of Branch.RemoteName
Remote no longer implement the equality operator.
Remote.Update takes a remote name instead of an instance.
Fetch, Pull, Move, Remove, Stage are now in a commands namespace to indicate what they represent.