CVE-2016-8568 * Read out-of-bounds in git_oid_nfmt: https://github.com/libgit2/libgit2/issues/3936 CVE-2016-8569 * DoS using a null pointer dereference in git_commit_message: https://github.com/libgit2/libgit2/issues/3937 Proposed patch: https://github.com/libgit2/libgit2/pull/3956
Created libgit2 tracking bugs for this issue: Affects: fedora-all [bug 1383212] Affects: epel-all [bug 1383213]