From 8a9c19caf7beab76554fea239c4ba9a2d2ec95de Mon Sep 17 00:00:00 2001
From: Sergey Lukin <sergej.lukin@gmail.com>
Date: Thu, 26 Jan 2017 07:56:15 +0000
Subject: main/libgit2: security upgrade to 0.25.1 - fixes #6739

CVE-2016-10128: smart_pkt: verify packet length exceeds PKT_LEN_SIZE
CVE-2016-10129: smart_pkt: treat empty packet lines as error
CVE-2016-10130: http: check certificate validity before clobbering the error variable
---
 main/libgit2/libressl.patch | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 main/libgit2/libressl.patch

(limited to 'main/libgit2/libressl.patch')

diff --git a/main/libgit2/libressl.patch b/main/libgit2/libressl.patch
new file mode 100644
index 0000000000..967cdc4982
--- /dev/null
+++ b/main/libgit2/libressl.patch
@@ -0,0 +1,12 @@
+diff -ru src.orig/libgit2-0.25.1/src/openssl_stream.h src/libgit2-0.25.1/src/openssl_stream.h
+--- libgit2-0.25.1/src/copenssl_stream.h.orig
++++ libgit2-0.25.1/src/openssl_stream.h
+@@ -27,7 +27,7 @@
+ 
+ 
+ 
+-# if OPENSSL_VERSION_NUMBER < 0x10100000L
++# if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+ GIT_INLINE(BIO_METHOD*) BIO_meth_new(int type, const char *name)
+ {
-- 
cgit v1.2.3