Skip to content

LibGit2Sharp v0.22.1
Compare
Choose a tag to compare
@ethomson ethomson released this 09 Jan 23:56
· 2 commits to maint/v0.22 since this release
v0.22.1
6edb028

This is a security release fixing two issues. The first one performs extra sanitization for some edge cases in the Git Smart Protocol which can lead to attempting to parse outside of the buffer.

The second fix affects the certificate check callback. It provides a valid parameter to indicate whether the native cryptographic library considered the certificate to be correct. This parameter is always 1/true before this fix leading to a possible MITM.

This does not affect you if you do not use the custom certificate callback or if you do not take this value into account.

A list of commits since the last release follows

6edb028 Update changelog for 0.22.1
8c1ba0b Update version to 0.22
ec52bb5 Update to libgit2 921e3a6
Assets 2
Loading