Security Information

Information about security advisories affecting libgit2 and the releases that provide resolution.

In case you think to have found a security issue with libgit2, please do not open a public issue. Instead, you can report the issue to the private mailing list

As the index is never transferred via the network, exploitation requires an attacker to have access to the local repository.

This does not affect you if you rely on a system-installed version of zlib. All users of v0.26.0 who use the bundled zlib should upgrade to this release.