libgit2: 0.24.3 -> 0.24.6

Fixes the following vulnerabilities:

  * CVE-2016-10128
  * CVE-2016-10129
  * CVE-2016-10130
  * CVE-2017-5338
  * CVE-2017-5339
This commit is contained in:
Franz Pletz 2017-01-11 06:50:54 +01:00
parent 3ecfab8819
commit c03bc57212
No known key found for this signature in database
GPG key ID: 846FDED7792617B4

View file

@ -1,13 +1,13 @@
{ stdenv, fetchurl, pkgconfig, cmake, zlib, python, libssh2, openssl, curl, http-parser, libiconv }:
stdenv.mkDerivation (rec {
version = "0.24.3";
version = "0.24.6";
name = "libgit2-${version}";
src = fetchurl {
name = "${name}.tar.gz";
url = "https://github.com/libgit2/libgit2/tarball/v${version}";
sha256 = "01jdp0i0nxhx8w2gjd75mwfy1d4z2c5xzz7q5jfypa6pkdi86dmh";
sha256 = "070jrv690bd5dq991lc32qfnai9ywvrjzsfgi3rcw6kw4l2ynxjr";
};
# TODO: `cargo` (rust's package manager) surfaced a serious bug in