diff options
author | Edward Thomson <ethomson@edwardthomson.com> | 2019-08-05 00:32:11 +0100 |
---|---|---|
committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-08-13 17:56:06 +0100 |
commit | df3f18acf0d4fae14f26c9de0c9675736aff0eb5 (patch) | |
tree | 3c8c2b7a8ecb7fec71c970f43a299b057941404c | |
parent | 57a9ccd5e21f8b98885e392f193ee6a7ead79172 (diff) | |
download | libgit2-df3f18acf0d4fae14f26c9de0c9675736aff0eb5.tar.gz |
changelog: include security updatesusers/ethomson/security_updates
-rw-r--r-- | docs/changelog.md | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/changelog.md b/docs/changelog.md index e5eaf0794..563c5c9c8 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -22,6 +22,16 @@ v0.28 + 1 * libgit2 can now correctly cope with URLs where the host contains a colon but a port is not specified. (eg `http://example.com:/repo.git`). +* A carefully constructed commit object with a very large number + of parents may lead to potential out-of-bounds writes or + potential denial of service. + +* The ProgramData configuration file is always read for compatibility + with Git for Windows and Portable Git installations. The ProgramData + location is not necessarily writable only by administrators, so we + now ensure that the configuration file is owned by the administrator + or the current user. + v0.28 ----- |