283302 – www/forgejo7: update to 7.0.12 (fixes security vulnerability)

Bug 283302 - www/forgejo7: update to 7.0.12 (fixes security vulnerability)

Summary: www/forgejo7: update to 7.0.12 (fixes security vulnerability)

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Vladimir Druzenko

URL:	https://codeberg.org/forgejo/forgejo/...
Keywords:

Depends on:
Blocks:

Reported:	2024-12-13 09:12 UTC by Marko Cupać
Modified:	2024-12-14 19:35 UTC (History)
CC List:	2 users (show)

See Also:

Flags:	vvd: merge-quarterly+

Attachments
update www/forgejo7 to 7.0.12 (1.22 KB, patch) 2024-12-13 09:12 UTC, Marko Cupać	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marko Cupać 2024-12-13 09:12:27 UTC

Created attachment 255833 [details]
update www/forgejo7 to 7.0.12

Hi,

here's patch to update www/forgejo7 to 7.0.12, which fixes also security vulnerabilities. Nothing drastic, just bumped DISTVERSION and regenerated distinfo. It builds fine in 14.2 x64 poudriere jail, I have already updated my test instance, it appears to run fine.

This being a security issue, I think it would be appropriate to have latest version in latest quarterly (202404). If including in quarterly, make sure to also bump lang/go122 there to at least 1.22.7. I am already receiving emails about inability to build current version of www/forgejo7 (7.0.10) in quarterly due to lang/go there being at 1.22.6.

Best regards,

Comment 1 Vladimir Druzenko freebsd_committer

2024-12-14 18:48:07 UTC

Ashish SHUKLA, this port need update lang/go122 in 2024Q4.

Comment 2 commit-hook freebsd_committer

2024-12-14 19:25:14 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=f66c325df4cd0a65fb3e96701601ec3743bd9aa5

commit f66c325df4cd0a65fb3e96701601ec3743bd9aa5
Author:     Marko Cupać <marko.cupac@mimar.rs>
AuthorDate: 2024-12-14 19:22:16 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-12-14 19:22:16 +0000

    www/forgejo7: Update 7.0.10 → 7.0.12 (fixes security vulnerability)

    Changelogs:
    https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/7.0.11.md
    https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/7.0.12.md

    PR:     283302
    MFH:    2024Q4

 www/forgejo7/Makefile | 2 +-
 www/forgejo7/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 3 commit-hook freebsd_committer

2024-12-14 19:31:15 UTC

A commit in branch 2024Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b51cbb4c9fb3219a4b66c41565e92d57444724de

commit b51cbb4c9fb3219a4b66c41565e92d57444724de
Author:     Marko Cupać <marko.cupac@mimar.rs>
AuthorDate: 2024-12-14 19:22:16 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-12-14 19:28:10 +0000

    www/forgejo7: Update 7.0.10 → 7.0.12 (fixes security vulnerability)

    Changelogs:
    https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/7.0.11.md
    https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/7.0.12.md

    PR:     283302
    MFH:    2024Q4
    (cherry picked from commit f66c325df4cd0a65fb3e96701601ec3743bd9aa5)

 www/forgejo7/Makefile | 2 +-
 www/forgejo7/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 4 Vladimir Druzenko freebsd_committer

2024-12-14 19:35:59 UTC

Thanks.