UNCLASSIFIED - NO CUI

Update dependency libgit2/libgit2 to v1.9.2

POPs Triggerrequested to merge
renovate/libgit2-libgit2-1.x into development

This MR contains the following updates:

Package Type Update Change
libgit2/libgit2 ironbank-github patch v1.9.1 -> v1.9.2

Release Notes

libgit2/libgit2 (libgit2/libgit2)

v1.9.2: libgit2 v1.9.2

Compare Source

v1.9.2

🔒 This is a security release with multiple changes.

  • A bug in the external SSH execution is fixed that could cause arbitrary command execution. Remote repository names were improperly sent to the shell without quoting. Arguments to the external SSH command are now sent parameterized.

  • A bug in SSH credential creation is fixed that could cause a buffer overflow. Public keys that are not NUL terminated were improperly zeroed. The given length of public keys is now honored.

The libgit2 project thanks @​0xkato and @​bakersdozen123 for finding the bugs and providing details and reproduction steps.

All users of the v1.9 release line are recommended to upgrade.

Full Changelog: https://github.com/libgit2/libgit2/compare/v1.9.1...v1.9.2

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports

UNCLASSIFIED - NO CUI