{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "- Update the git2 crate to version 0.18.2.\n- Update the libgit2-sys crate to version 0.16.2.\n\nVersion 0.16.2 of the libgit2-sys crate includes an update of the bundled copy of libgit2 to version 1.7.2 to address CVE-2024-24575 and CVE-2024-24577.\n\nSince the libgit2 bindings cause applications that use them to statically link libgit2, this update also includes rebuilds of all affected applications.", "type": "security", "status": "stable", "request": null, "severity": "high", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": "", "close_bugs": true, "date_submitted": "2024-02-14 00:04:31", "date_modified": null, "date_approved": "2024-02-14 00:15:35", "date_testing": "2024-02-14 00:12:32", "date_stable": "2024-02-14 00:15:35", "alias": "FEDORA-2024-53685bdcb6", "test_gating_status": "ignored", "from_tag": "f40-build-side-83560", "date_pushed": "2024-02-14 00:15:35", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2024-53685bdcb6", "title": "rust-asyncgit-0.24.3-3.fc40 rust-bat-0.24.0-3.fc40 rust-cargo-c-0.9.28-4.fc40 rust-eza-0.17.3-2.fc40 rust-git-absorb-0.6.11-3.fc40 rust-git-delta-0.16.5-9.fc40 rust-git2-0.18.2-1.fc40 rust-gitui-0.24.3-4.fc40 rust-libgit2-sys-0.16.2-1.fc40 rust-lsd-1.0.0-3.fc40 rust-pore-0.1.10-3.fc40 rust-pretty-git-prompt-0.2.1-20.fc40 rust-shadow-rs-0.8.1-8.fc40 rust-silver-2.0.1-7.fc40 rust-tokei-12.1.2-8.fc40 rust-vergen-5.1.17-8.fc40", "version_hash": "373f9f9967cc636ee2611d76466717ac53598a13", "release": {"name": "F40", "long_name": "Fedora 40", "version": "40", "id_prefix": "FEDORA", "branch": "f40", "dist_tag": "f40", "stable_tag": "f40-updates", "testing_tag": "f40-updates-testing", "candidate_tag": "f40-updates-candidate", "pending_signing_tag": "f40-signing-pending", "pending_testing_tag": "f40-updates-testing-pending", "pending_stable_tag": "f40-updates-pending", "override_tag": "f40-override", "mail_template": "fedora_errata_template", "state": "current", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": "2025-05-13", "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "fedorabugs"}, {"name": "fedora-contributor"}, {"name": "packaging-committee"}, {"name": "pantheon-sig"}, {"name": "multimedia-sig"}, {"name": "ipausers"}, {"name": "libreoffice-sig"}, {"name": "rust-sig"}, {"name": "diversity-pride"}, {"name": "signed_fpca"}, {"name": "cosmic-sig"}, {"name": "trust admins"}, {"name": "fesco"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-02-14 00:04:32", "update_id": 588934, "user_id": 91, "id": 3407801, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2024-02-14 00:04:52", "update_id": 588934, "user_id": 91, "id": 3407802, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-02-14 00:12:32", "update_id": 588934, "user_id": 91, "id": 3407814, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2024-02-14 00:12:32", "update_id": 588934, "user_id": 91, "id": 3407815, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi", "timestamp": "2024-02-14 00:15:38", "update_id": 588934, "user_id": 91, "id": 3407816, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "rust-asyncgit-0.24.3-3.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-bat-0.24.0-3.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-cargo-c-0.9.28-4.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-eza-0.17.3-2.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-git2-0.18.2-1.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-git-absorb-0.6.11-3.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-git-delta-0.16.5-9.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-gitui-0.24.3-4.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-libgit2-sys-0.16.2-1.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-lsd-1.0.0-3.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-pore-0.1.10-3.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-pretty-git-prompt-0.2.1-20.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-shadow-rs-0.8.1-8.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-silver-2.0.1-7.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-tokei-12.1.2-8.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}, {"nvr": "rust-vergen-5.1.17-8.fc40", "signed": true, "release_id": 76, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 2263100, "title": "TRIAGE CVE-2024-24577 rust-libgit2-sys: libgit2: arbitrary code execution due to heap corruption in git_index_add [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3408653, "bug_id": 2263100, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-02-14 13:13:29", "update_id": 588935, "user_id": 4120, "id": 3408653, "testcase_feedback": [], "user": {"name": "atim", "email": "ego.cordatus@gmail.com", "id": 4120, "avatar": "https://seccdn.libravatar.org/avatar/8c3a317a13d88ca7421098b94cce0501c97ca2283e7139c4992df34f6218fb3b?s=24&d=retro", "openid": "atim.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2263105, "title": "TRIAGE CVE-2024-24575 rust-libgit2-sys: libgit2: potential infiniate loop condition in git_revparse_single [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3408653, "bug_id": 2263105, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-02-14 13:13:29", "update_id": 588935, "user_id": 4120, "id": 3408653, "testcase_feedback": [], "user": {"name": "atim", "email": "ego.cordatus@gmail.com", "id": 4120, "avatar": "https://seccdn.libravatar.org/avatar/8c3a317a13d88ca7421098b94cce0501c97ca2283e7139c4992df34f6218fb3b?s=24&d=retro", "openid": "atim.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}, {"name": "trust admins"}]}}}]}], "updateid": "FEDORA-2024-53685bdcb6", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}