Created attachment 253082 [details] [PATCH] www/forgejo: update 8.0.0 → 8.0.1, fix security issue We strongly recommend that all Forgejo installations are upgraded to the latest version as soon as possible. https://forgejo.org/2024-08-release-v801/#recommended-action
2024Q3 have vulnerable version 7.0.4. Simplest way is MFH commits update to 8.0.0 and update to 8.0.1. Harder way is direct commit to 2024Q3 with update 7.0.7. Which one is better to choose? This is a question primarily for ports-secteam.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ba954124e5279d7c56b685456dca8c1be9004f30 commit ba954124e5279d7c56b685456dca8c1be9004f30 Author: Älven <alster@vinterdalen.se> AuthorDate: 2024-08-26 01:18:47 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2024-08-26 01:18:47 +0000 www/forgejo: update 8.0.0 → 8.0.1, fix security issue Release notes: We strongly recommend that all Forgejo installations are upgraded to the latest version as soon as possible. https://forgejo.org/2024-08-release-v801/#recommended-action PR: 281056 www/forgejo/Makefile | 3 +-- www/forgejo/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 5 deletions(-)
A commit in branch 2024Q3 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=676441d697b813e0b1772d92fd3f981a19396013 commit 676441d697b813e0b1772d92fd3f981a19396013 Author: Älven <alster@vinterdalen.se> AuthorDate: 2024-08-26 01:18:47 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2024-08-30 22:37:43 +0000 www/forgejo: update 8.0.0 → 8.0.1, fix security issue Release notes: We strongly recommend that all Forgejo installations are upgraded to the latest version as soon as possible. https://forgejo.org/2024-08-release-v801/#recommended-action PR: 281056 (cherry picked from commit ba954124e5279d7c56b685456dca8c1be9004f30) www/forgejo/Makefile | 2 +- www/forgejo/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)