Bug 269707 - www/gitea: update to 1.18.4 (fixes security vulnerabilities)
Summary: www/gitea: update to 1.18.4 (fixes security vulnerabilities)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Florian Smeets
URL: https://github.com/go-gitea/gitea/rel...
Keywords: security
Depends on:
Blocks:
 
Reported: 2023-02-20 07:45 UTC by Stefan Bethke
Modified: 2023-02-20 18:07 UTC (History)
4 users (show)

See Also:
stb: maintainer-feedback+
fluffy: merge-quarterly+

Attachments
Update port to gitea 1.18.4 (2.71 KB, patch)
2023-02-20 07:45 UTC, Stefan Bethke 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Bethke 2023-02-20 07:45:12 UTC 
Created attachment 240273 [details]
Update port to gitea 1.18.4

Update gitea to 1.18.4

This release fixes one security issue and two bugs.

Release notes: https://blog.gitea.io/2023/01/gitea-1.18.3-is-released/
Comment 1 Stefan Bethke 2023-02-20 07:46:59 UTC 
Sorry, that should read:

This release fixes two security issues and a large number of bugs.
Comment 2 Dima Panov freebsd_committer freebsd_triage 2023-02-20 09:34:46 UTC 
Merge to Q1 and vuxml entry, please
Comment 3 Florian Smeets freebsd_committer freebsd_triage 2023-02-20 09:36:25 UTC 
(In reply to Dima Panov from comment #2)
The patch does include a vuxml entry. I'm about to commit it.
Comment 4 commit-hook freebsd_committer freebsd_triage 2023-02-20 09:39:00 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=55ec5c6ffa440e11cbca3a10aea87b56cbcd62c8

commit 55ec5c6ffa440e11cbca3a10aea87b56cbcd62c8
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2023-02-20 09:34:49 +0000
Commit:     Florian Smeets <flo@FreeBSD.org>
CommitDate: 2023-02-20 09:34:49 +0000

    security/vuxml: Add gitea vulnerabilities

    PR:             269707

 security/vuxml/vuln/2023.xml | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
Comment 5 commit-hook freebsd_committer freebsd_triage 2023-02-20 11:10:12 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=6f6ba3c6c5cc23fe12f924ed7d197961e524d713

commit 6f6ba3c6c5cc23fe12f924ed7d197961e524d713
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2023-02-20 11:08:24 +0000
Commit:     Florian Smeets <flo@FreeBSD.org>
CommitDate: 2023-02-20 11:09:36 +0000

    www/gitea: Update to 1.18.4

    PR:             269707
    Security:       5048ed45-b0f1-11ed-ab04-9106b1b896dd

 www/gitea/Makefile | 3 +--
 www/gitea/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)
Comment 6 commit-hook freebsd_committer freebsd_triage 2023-02-20 18:05:33 UTC 
A commit in branch 2023Q1 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a3a0e9f77e532e18b5ed1915a6d6afac45260acf

commit a3a0e9f77e532e18b5ed1915a6d6afac45260acf
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2023-02-20 11:08:24 +0000
Commit:     Florian Smeets <flo@FreeBSD.org>
CommitDate: 2023-02-20 18:04:38 +0000

    www/gitea: Update to 1.18.4

    PR:             269707
    Security:       5048ed45-b0f1-11ed-ab04-9106b1b896dd
    (cherry picked from commit 6f6ba3c6c5cc23fe12f924ed7d197961e524d713)

 www/gitea/Makefile | 3 +--
 www/gitea/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)
Comment 7 Florian Smeets freebsd_committer freebsd_triage 2023-02-20 18:07:57 UTC 
Committed. Thanks.

In the future you can check the vuxml entry with "make validate". There was a little indentation issue with the patch.