Created attachment 232790 [details] updates www/gitea to 1.16.5 This updates www/gita to 1.16.5 and fixes several security vulunerabilities. re: https://github.com/go-gitea/gitea/releases/tag/v1.16.5
This also (apparently) fixes a regression after 1.16.4 update (see: bug 261576), which can be closed when this once this update is committed and merged. Also pending vuxml entry for these security updates
Created attachment 232792 [details] vuxml entries for gitea 1.16.4 and 1.16.5 Combined into single patch. Let me know if they should be separated.
(In reply to fsbruva from comment #2) FWIW, these are all the bugs labeled security between 1.15.10 and 1.16.5 https://github.com/go-gitea/gitea/pull/17605 https://github.com/go-gitea/gitea/pull/17666 https://github.com/go-gitea/gitea/pull/17688 https://github.com/go-gitea/gitea/pull/18359 https://github.com/go-gitea/gitea/pull/18365 https://github.com/go-gitea/gitea/pull/18389 https://github.com/go-gitea/gitea/pull/18414 https://github.com/go-gitea/gitea/pull/18417 https://github.com/go-gitea/gitea/pull/18540 https://github.com/go-gitea/gitea/pull/18979 https://github.com/go-gitea/gitea/pull/18980 https://github.com/go-gitea/gitea/pull/19072 https://github.com/go-gitea/gitea/pull/19080 https://github.com/go-gitea/gitea/pull/19085 https://github.com/go-gitea/gitea/pull/19119 https://github.com/go-gitea/gitea/pull/19122 https://github.com/go-gitea/gitea/pull/19124 https://github.com/go-gitea/gitea/pull/19131 https://github.com/go-gitea/gitea/pull/19139 https://github.com/go-gitea/gitea/pull/19169 https://github.com/go-gitea/gitea/pull/19175 https://github.com/go-gitea/gitea/pull/19179 https://github.com/go-gitea/gitea/pull/19183 https://github.com/go-gitea/gitea/pull/19186
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=36060fbbb19c439751045bc139fc15cb4b02a231 commit 36060fbbb19c439751045bc139fc15cb4b02a231 Author: fsbruva@yahoo.com <fsbruva@yahoo.com> AuthorDate: 2022-03-29 20:39:43 +0000 Commit: Florian Smeets <flo@FreeBSD.org> CommitDate: 2022-03-29 20:59:57 +0000 security/vuxml: Add www/gitea vulnerabilities PR: 262898 security/vuxml/vuln-2022.xml | 61 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=b788272c6c2ff5b21dd6991f7f680e39e6041b12 commit b788272c6c2ff5b21dd6991f7f680e39e6041b12 Author: Dan Langille <dvl@FreeBSD.org> AuthorDate: 2022-03-29 21:06:34 +0000 Commit: Florian Smeets <flo@FreeBSD.org> CommitDate: 2022-03-29 21:11:35 +0000 www/gitea: Update to 1.16.5 - Fixes for runtime issues with go1.18 - Fixes for security issues Changes: https://github.com/go-gitea/gitea/releases/tag/v1.16.5 PR: 262898, 261576 Reported by: dvl, CTS - FreeBSD Team <de-freebsd@ctseuro.com> Approved by: maintainer Security: 83466f76-aefe-11ec-b4b6-d05099c0c059 www/gitea/Makefile | 2 +- www/gitea/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
A commit in branch 2022Q1 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=e3af7d020f102c934154db26094e1d94cac6891e commit e3af7d020f102c934154db26094e1d94cac6891e Author: Dan Langille <dvl@FreeBSD.org> AuthorDate: 2022-03-29 21:06:34 +0000 Commit: Florian Smeets <flo@FreeBSD.org> CommitDate: 2022-03-29 21:28:30 +0000 www/gitea: Update to 1.16.5 - Fixes for runtime issues with go1.18 - Fixes for security issues Changes: https://github.com/go-gitea/gitea/releases/tag/v1.16.5 PR: 262898, 261576 Reported by: dvl, CTS - FreeBSD Team <de-freebsd@ctseuro.com> Approved by: maintainer Security: 83466f76-aefe-11ec-b4b6-d05099c0c059 (cherry picked from commit b788272c6c2ff5b21dd6991f7f680e39e6041b12) www/gitea/Makefile | 2 +- www/gitea/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Committed and merged to quarterly.
(In reply to Florian Smeets from comment #3) Would you like me to submit another patch to update vuxml and include this list?