Created attachment 253396 [details] update forgejo to 7.0.9 Patch to update www/forgejo7 to 7.0.9. Release notes: https://codeberg.org/forgejo/forgejo/milestone/8232
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=683316a1186356d1ddadc21e868525033d8ecdd6 commit 683316a1186356d1ddadc21e868525033d8ecdd6 Author: Marko Cupać <marko.cupac@mimar.rs> AuthorDate: 2024-09-07 12:06:20 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2024-09-07 12:06:20 +0000 www/forgejo7: update to 7.0.9 (fixes security vulnerability) Changelog: Security - PR (backported): replace v-html with v-text in branch search inputbox for XSS protection - PR: Upgrade webpack to v5.94.0 as a precaution to mitigate CVE-2024-43788, although we were not yet able to confirm that this can be exploited in Forgejo. https://codeberg.org/forgejo/forgejo/milestone/8232 PR: 281334 www/forgejo7/Makefile | 2 +- www/forgejo7/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Thanks.