Eclipse JGit: Java implementation of Git 7.2.1 | projects.eclipse.org

7.2.1

Description

Bug Fixes

#157 Fix package name of spring boot JarLauncher class in jgit.sh

Security Fixes

The following changes fix CVE-2025-4949:

ManifestParser: Do not accept DOCTYPE and entities to harden XML parser
AmazonS3: Do not accept DOCTYPE and entities to harden XML parser

Kudos to Simon Gerst for reporting this vulnerability.

Conforms To UI/UX Guidelines

Not verified

Subprojects included with this release

Eclipse JGit: Java implementation of Git

Back to the top