diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2019-08-05 00:11:54 +0100 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-08-05 12:04:02 +0100 |
| commit | bdfeb32feee4bb67d6dfa3593a3d67f5217c600d (patch) | |
| tree | bc0ac680beb290b0a164eccf1fb8e3b6ba510ab9 | |
| parent | 12bcc7a9f0cd7976af1e04007470d804fa4b4f34 (diff) | |
| download | libgit2-bdfeb32feee4bb67d6dfa3593a3d67f5217c600d.tar.gz | |
v0.27.9: update changelog for security release
| -rw-r--r-- | CHANGELOG.md | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 29d1ae6d5..8398e5ab4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,18 @@ +v0.27.9 +------- + +This is a security release fixing the following issues: + +* A carefully constructed commit object with a very large number + of parents may lead to potential out-of-bounds writes or + potential denial of service. + +* The ProgramData configuration file is always read for compatibility + with Git for Windows and Portable Git installations. The ProgramData + location is not necessarily writable only by administrators, so we + now ensure that the configuration file is owned by the administrator + or the current user. + v0.27.8 ------- |