This update for libgit2 fixes the several issues.
These security issues were fixed:
- CVE-2016-10128: Additional sanitization prevent some edge cases in the Git Smart Protocol which can lead to reading outside of a buffer (bsc#1019036).
- CVE-2016-10129: Additional sanitization prevent some edge cases in the Git Smart Protocol which can lead to reading outside of a buffer (bsc#1019036).
- CVE-2016-10130: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted (bsc#1019037).
- CVE-2017-5338: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted (bsc#1019037).
- CVE-2017-5339: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted (bsc#1019037).
This update was imported from the SUSE:SLE-12-SP2:Update update project.
- Submitted by Scott Reeves (sreeves1)