Open dm9pZCAq opened 6 months ago
There are a few vulnerabilities which are fixed in the original libgit2 which are still present in this fork: https://github.com/libgit2/libgit2/security
This fork is used only by gitstatusd. These functions aren't used there.
revparse is used, but it looks like this part is from before the vulnerability was introduced
https://github.com/romkatv/libgit2/blob/2ecf33948a4df9ef45a66c68b8ef24a5e60eaac6/src/revparse.c#L773-L790
Thanks for checking!