From c03bc5721203d4952bc7c4b90efedeee4383780c Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Wed, 11 Jan 2017 06:50:54 +0100
Subject: [PATCH] libgit2: 0.24.3 -> 0.24.6

Fixes the following vulnerabilities:

  * CVE-2016-10128
  * CVE-2016-10129
  * CVE-2016-10130
  * CVE-2017-5338
  * CVE-2017-5339
---
 pkgs/development/libraries/git2/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/git2/default.nix b/pkgs/development/libraries/git2/default.nix
index 2bd500b9efb..51e366ba29c 100644
--- a/pkgs/development/libraries/git2/default.nix
+++ b/pkgs/development/libraries/git2/default.nix
@@ -1,13 +1,13 @@
 { stdenv, fetchurl, pkgconfig, cmake, zlib, python, libssh2, openssl, curl, http-parser, libiconv }:
 
 stdenv.mkDerivation (rec {
-  version = "0.24.3";
+  version = "0.24.6";
   name = "libgit2-${version}";
 
   src = fetchurl {
     name = "${name}.tar.gz";
     url = "https://github.com/libgit2/libgit2/tarball/v${version}";
-    sha256 = "01jdp0i0nxhx8w2gjd75mwfy1d4z2c5xzz7q5jfypa6pkdi86dmh";
+    sha256 = "070jrv690bd5dq991lc32qfnai9ywvrjzsfgi3rcw6kw4l2ynxjr";
   };
 
   # TODO: `cargo` (rust's package manager) surfaced a serious bug in