Bug 263684 - www/gitea: Update to 1.16.7 (fixes security vulnerabilities)
Summary: www/gitea: Update to 1.16.7 (fixes security vulnerabilities)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Dmitri Goutnik
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-04-30 14:32 UTC by Stefan Bethke
Modified: 2022-05-05 12:38 UTC (History)
1 user (show)

See Also:
stb: maintainer-feedback+
stb: merge-quarterly?

Attachments
patch to update the port to 1.16.6 (860 bytes, patch)
2022-04-30 14:32 UTC, Stefan Bethke 		no flags Details | Diff
patch to update gitea to 1.16.7 (860 bytes, patch)
2022-05-02 16:58 UTC, Stefan Bethke 		stb: maintainer-approval+
Details | Diff
minimal vuxml entry for gitea 1.16.7 (1.74 KB, patch)
2022-05-02 17:05 UTC, Stefan Bethke 		stb: maintainer-approval+
Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Bethke 2022-04-30 14:32:15 UTC 
Created attachment 233606 [details]
patch to update the port to 1.16.6

Update gitea to 1.16.6

This release fixes a large number of bugs and contains some enhancements.

Release notes: https://blog.gitea.io/2022/04/gitea-1.16.6-is-released/
Comment 1 Stefan Bethke 2022-05-02 16:57:22 UTC 
Update gitea to 1.16.7

Release notes: https://github.com/go-gitea/gitea/releases/tag/v1.16.7
(eventually as well https://blog.gitea.io/2022/05/gitea-1.16.7-is-released/)
Comment 2 Stefan Bethke 2022-05-02 16:58:37 UTC 
Created attachment 233675 [details]
patch to update gitea to 1.16.7
Comment 3 Stefan Bethke 2022-05-02 17:05:05 UTC 
Created attachment 233676 [details]
minimal vuxml entry for gitea 1.16.7
Comment 4 Stefan Bethke 2022-05-02 17:05:59 UTC 
There is little information available on the vulnerability. I couldn't find anything apart from the GitHub PR.
Comment 5 commit-hook freebsd_committer freebsd_triage 2022-05-05 12:25:14 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=beab28bbe67fe82aab3bc1c51638ba26c4a7d784

commit beab28bbe67fe82aab3bc1c51638ba26c4a7d784
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2022-05-05 12:23:12 +0000
Commit:     Dmitri Goutnik <dmgk@FreeBSD.org>
CommitDate: 2022-05-05 12:23:12 +0000

    www/gitea: Update to 1.16.7

    Changes:        https://blog.gitea.io/2022/05/gitea-1.16.7-is-released/

    PR:             263684
    Security:       95ee401d-cc6a-11ec-9cfc-10c37b4ac2ea

 www/gitea/Makefile | 3 +--
 www/gitea/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)
Comment 6 commit-hook freebsd_committer freebsd_triage 2022-05-05 12:38:18 UTC 
A commit in branch 2022Q2 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=ce6d34a2603da06f5d9364daad580d72a1c535ff

commit ce6d34a2603da06f5d9364daad580d72a1c535ff
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2022-05-05 12:23:12 +0000
Commit:     Dmitri Goutnik <dmgk@FreeBSD.org>
CommitDate: 2022-05-05 12:26:13 +0000

    www/gitea: Update to 1.16.7

    Changes:        https://blog.gitea.io/2022/05/gitea-1.16.7-is-released/

    PR:             263684
    Security:       95ee401d-cc6a-11ec-9cfc-10c37b4ac2ea
    (cherry picked from commit beab28bbe67fe82aab3bc1c51638ba26c4a7d784)

 www/gitea/Makefile | 3 +--
 www/gitea/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)
Comment 7 Dmitri Goutnik freebsd_committer freebsd_triage 2022-05-05 12:38:40 UTC 
Committed, thanks!