Security: Update to libgit2 1.7.2

Question

hoerup opened this issue 5 months ago · comments

libgit2 < 1.7.2 is vulnerable to CVE-2024-24577

Please update libgit2 in this project

Torben Hørup · Answer 1 · Mon Feb 26 2024 16:03:03 GMT+0800 (China Standard Time)

Torben Hørup · Answer 2 · Mon Feb 26 2024 18:57:49 GMT+0800 (China Standard Time)

Could you please also update https://www.nuget.org/packages/LibGit2Sharp.NativeBinaries and mark the packages vulnerable ?

Brandon Ording · Answer 3 · Tue Mar 19 2024 11:01:26 GMT+0800 (China Standard Time)

LibGit2Sharp 0.30.0 has been released and includes libgit2 1.7.2.