romkatv / libgit2

A cross-platform, linkable library implementation of Git that you can use in your application.
https://libgit2.org/

vulnerabilities from original libgit2 not fixed here #5

Open dm9pZCAq opened 6 months ago

dm9pZCAq commented 6 months ago

There are a few vulnerabilities which are fixed in the original libgit2 which are still present in this fork: https://github.com/libgit2/libgit2/security

romkatv commented 6 months ago

This fork is used only by gitstatusd. These functions aren't used there.

dm9pZCAq commented 6 months ago

revparse is used, but it looks like this part is from before the vulnerability was introduced

https://github.com/romkatv/libgit2/blob/2ecf33948a4df9ef45a66c68b8ef24a5e60eaac6/src/revparse.c#L773-L790

romkatv commented 6 months ago

Thanks for checking!