765f70d59d
Fix two vulnerabilities related to SSH support:
* The external SSH execution code lacked shell quoting on repositories
name, resulting in arbitrary command execution.
* SSH public keys were zeroed by calling memset with the wrong length,
resulting in either buffer overflow or incomplete zeroing.
Release notes:
https://github.com/libgit2/libgit2/releases/tag/v1.9.2
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit c4debc9909)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>