update git on -stable (CVE-2018-17456)

On Fri, 5 Oct 2018 23:22:45 +0200, Klemens Nanni <kn@openbsd.org> wrote:

> These releases fix a security flaw (CVE-2018-17456), which allowed an
> attacker to execute arbitrary code by crafting a malicious .gitmodules
> file in a project cloned with --recurse-submodules.

And here's a diff for -stable. OK?

Index: Makefile
===================================================================
RCS file: /cvs/ports/devel/git/Makefile,v
retrieving revision 1.187.2.1
diff -u -p -r1.187.2.1 Makefile
--- Makefile 4 Jun 2018 10:47:54 -0000 1.187.2.1
+++ Makefile 6 Oct 2018 18:23:30 -0000
@@ -4,7 +4,7 @@ COMMENT-main = GIT - Tree History Storag
COMMENT-svn = GIT - subversion interoperability tools
COMMENT-x11 = GIT - graphical tools

-V = 2.16.4
+V = 2.16.5
DISTNAME = git-${V}
PKGNAME-main = ${DISTNAME}
PKGNAME-svn = git-svn-${V}
Index: distinfo
===================================================================
RCS file: /cvs/ports/devel/git/distinfo,v
retrieving revision 1.142.2.1
diff -u -p -r1.142.2.1 distinfo
--- distinfo 4 Jun 2018 10:47:54 -0000 1.142.2.1
+++ distinfo 6 Oct 2018 18:23:30 -0000
@@ -1,4 +1,4 @@
-SHA256 (git-2.16.4.tar.gz) = 6HCevNo9eTzZM8pVAEgUlZu45vpRi1s39gLZiB5InS4=
-SHA256 (git-manpages-2.16.4.tar.gz) = bO4IVtt53t2uRTHG3ibJwJD7PT0OMS/WlX4eH4PJxmI=
-SIZE (git-2.16.4.tar.gz) = 7290813
-SIZE (git-manpages-2.16.4.tar.gz) = 678200
+SHA256 (git-2.16.5.tar.gz) = 6tmXwE/7iVUwpuKpbQBvW2KRnH20AUU8Q7Ur8NHcS0A=
+SHA256 (git-manpages-2.16.5.tar.gz) = jFaxu5oak9XLYHYzQ48rmdvAscV8hhs1pk6zl/QHiFg=
+SIZE (git-2.16.5.tar.gz) = 7290739
+SIZE (git-manpages-2.16.5.tar.gz) = 678201