From e4cba794784e9a76965641c1b2c3e59290c8c2ff Mon Sep 17 00:00:00 2001
From: Weihang Lo <me@weihanglo.tw>
Date: Tue, 6 Feb 2024 16:08:39 -0500
Subject: [PATCH 1/2] chore: update libgit2 submodule to 1.7.2

libgit2 v1.7.2 includes two CVE fixes:

* CVE-2024-24575: https://github.com/libgit2/libgit2/security/advisories/GHSA-54mf-x2rh-hq9v
* CVE-2024-24577: https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8
---
 CHANGELOG.md             | 8 ++++++++
 Cargo.toml               | 4 ++--
 README.md                | 4 ++--
 libgit2-sys/CHANGELOG.md | 3 +++
 libgit2-sys/Cargo.toml   | 2 +-
 libgit2-sys/build.rs     | 2 +-
 libgit2-sys/libgit2      | 2 +-
 7 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index efdcfcace5..e0176e5836 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## 0.18.2 - 2024-02-06
+[0.18.1...0.18.2](https://github.com/rust-lang/git2-rs/compare/git2-0.18.1...git2-0.18.2)
+
+### Changed
+
+- Updated to libgit2 [1.7.2](https://github.com/libgit2/libgit2/releases/tag/v1.7.2).
+  [#1017](https://github.com/rust-lang/git2-rs/pull/1017)
+
 ## 0.18.1 - 2023-09-20
 [0.18.0...0.18.1](https://github.com/rust-lang/git2-rs/compare/git2-0.18.0...git2-0.18.1)
 
diff --git a/Cargo.toml b/Cargo.toml
index 316e28b0fc..76c4a62f48 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "git2"
-version = "0.18.1"
+version = "0.18.2"
 authors = ["Josh Triplett <josh@joshtriplett.org>", "Alex Crichton <alex@alexcrichton.com>"]
 license = "MIT OR Apache-2.0"
 readme = "README.md"
@@ -20,7 +20,7 @@ url = "2.0"
 bitflags = "2.1.0"
 libc = "0.2"
 log = "0.4.8"
-libgit2-sys = { path = "libgit2-sys", version = "0.16.0" }
+libgit2-sys = { path = "libgit2-sys", version = "0.16.2" }
 
 [target."cfg(all(unix, not(target_os = \"macos\")))".dependencies]
 openssl-sys = { version = "0.9.45", optional = true }
diff --git a/README.md b/README.md
index ba75127acc..46b56b022f 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ libgit2 bindings for Rust.
 
 ```toml
 [dependencies]
-git2 = "0.18.1"
+git2 = "0.18.2"
 ```
 
 ## Rust version requirements
@@ -16,7 +16,7 @@ stable release as well.
 
 ## Version of libgit2
 
-Currently this library requires libgit2 1.7.1 (or newer patch versions). The
+Currently this library requires libgit2 1.7.2 (or newer patch versions). The
 source for libgit2 is included in the libgit2-sys crate so there's no need to
 pre-install the libgit2 library, the libgit2-sys crate will figure that and/or
 build that for you.
diff --git a/libgit2-sys/CHANGELOG.md b/libgit2-sys/CHANGELOG.md
index 5f159825f5..fb6a0c8a59 100644
--- a/libgit2-sys/CHANGELOG.md
+++ b/libgit2-sys/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Changelog
 
+## 0.16.2+1.7.2 - 2024-02-06
+[0.16.1...0.16.2](https://github.com/rust-lang/git2-rs/compare/libgit2-sys-0.16.1+1.7.1...libgit2-sys-0.16.2+1.7.2)
+
 ## 0.16.1+1.7.1 - 2023-08-28
 [0.16.0...0.16.1](https://github.com/rust-lang/git2-rs/compare/libgit2-sys-0.16.0+1.7.1...libgit2-sys-0.16.1+1.7.1)
 
diff --git a/libgit2-sys/Cargo.toml b/libgit2-sys/Cargo.toml
index 78888b9ee6..67eaf8dc8e 100644
--- a/libgit2-sys/Cargo.toml
+++ b/libgit2-sys/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "libgit2-sys"
-version = "0.16.1+1.7.1"
+version = "0.16.2+1.7.2"
 authors = ["Josh Triplett <josh@joshtriplett.org>", "Alex Crichton <alex@alexcrichton.com>"]
 links = "git2"
 build = "build.rs"
diff --git a/libgit2-sys/build.rs b/libgit2-sys/build.rs
index b497005832..88fce00d6e 100644
--- a/libgit2-sys/build.rs
+++ b/libgit2-sys/build.rs
@@ -7,7 +7,7 @@ use std::process::Command;
 /// Tries to use system libgit2 and emits necessary build script instructions.
 fn try_system_libgit2() -> Result<pkg_config::Library, pkg_config::Error> {
     let mut cfg = pkg_config::Config::new();
-    match cfg.range_version("1.7.1".."1.8.0").probe("libgit2") {
+    match cfg.range_version("1.7.2".."1.8.0").probe("libgit2") {
         Ok(lib) => {
             for include in &lib.include_paths {
                 println!("cargo:root={}", include.display());
diff --git a/libgit2-sys/libgit2 b/libgit2-sys/libgit2
index a2bde63741..a418d9d4ab 160000
--- a/libgit2-sys/libgit2
+++ b/libgit2-sys/libgit2
@@ -1 +1 @@
-Subproject commit a2bde63741977ca0f4ef7db2f609df320be67a08
+Subproject commit a418d9d4ab87bae16b87d8f37143a4687ae0e4b2

From e10093eacfaa33467bf04ccfb3a089a318eeaa6a Mon Sep 17 00:00:00 2001
From: Eric Huss <eric@huss.org>
Date: Tue, 6 Feb 2024 19:09:22 -0800
Subject: [PATCH 2/2] Add link to libgit2 in sys changelog.

---
 libgit2-sys/CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libgit2-sys/CHANGELOG.md b/libgit2-sys/CHANGELOG.md
index fb6a0c8a59..236faecd9c 100644
--- a/libgit2-sys/CHANGELOG.md
+++ b/libgit2-sys/CHANGELOG.md
@@ -3,6 +3,9 @@
 ## 0.16.2+1.7.2 - 2024-02-06
 [0.16.1...0.16.2](https://github.com/rust-lang/git2-rs/compare/libgit2-sys-0.16.1+1.7.1...libgit2-sys-0.16.2+1.7.2)
 
+- Updated to libgit2 [1.7.2](https://github.com/libgit2/libgit2/releases/tag/v1.7.2).
+  [#1017](https://github.com/rust-lang/git2-rs/pull/1017)
+
 ## 0.16.1+1.7.1 - 2023-08-28
 [0.16.0...0.16.1](https://github.com/rust-lang/git2-rs/compare/libgit2-sys-0.16.0+1.7.1...libgit2-sys-0.16.1+1.7.1)