Attachment #238971 for bug #268512

View | Details | Raw Unified | Return to bug 268512
Collapse All | Expand All




  <vuln vid="d0da046a-81e6-11ed-96ca-0800277bb8a8">
    <topic>gitea -- multiple issues</topic>
    <affects>
      <package>
	<name>gitea</name>
	<range><lt>1.17.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Gitea team reports:</p>
	<blockquote cite="https://github.com/go-gitea/gitea/pull/21849">
	  <p>Do not allow Ghost access to limited visible user/org</p>
	</blockquote>
	<blockquote cite="https://github.com/go-gitea/gitea/pull/21580">
	  <p>Fix package access for admins and inactive users</p>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://github.com/go-gitea/gitea/releases/tag/v1.17.4</url>
    </references>
    <dates>
      <discovery>2022-10-24</discovery>
      <entry>2022-12-22</entry>
    </dates>
  </vuln>

  <vuln vid="d9e154c9-7de9-11ed-adca-080027d3a315">
    <topic>typo3 -- multiple vulnerabilities</topic>
    <affects>

Lines 1-7 Link Here

(-)b/www/gitea/Makefile (-2 / +1 lines)
1	PORTNAME= gitea	1	PORTNAME= gitea
2	DISTVERSIONPREFIX= v	2	DISTVERSIONPREFIX= v
3	DISTVERSION= 1.17.3	3	DISTVERSION= 1.17.4
4	PORTREVISION= 1
5	CATEGORIES= www	4	CATEGORIES= www
6	MASTER_SITES= https://github.com/go-gitea/gitea/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ \	5	MASTER_SITES= https://github.com/go-gitea/gitea/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ \
7	https://dl.gitea.io/gitea/${DISTVERSION}/	6	https://dl.gitea.io/gitea/${DISTVERSION}/

Lines 1-3 Link Here

(-)b/www/gitea/distinfo (-3 / +3 lines)
1	TIMESTAMP = 1665865667	1	TIMESTAMP = 1671705629
2	SHA256 (gitea-src-1.17.3.tar.gz) = 35490480ab793844e8ef9d541dca1c3c7ee510883205fe9197f373d276cd1f78	2	SHA256 (gitea-src-1.17.4.tar.gz) = 928644afcf5087109fd8377fed25a24bf659a112017f2bb499bc4a9278d73cae
3	SIZE (gitea-src-1.17.3.tar.gz) = 52711597	3	SIZE (gitea-src-1.17.4.tar.gz) = 52844862

Return to bug 268512

Lines 1-3 Link Here

(-)b/security/vuxml/vuln/2022.xml (+28 lines)
		1	<vuln vid="d0da046a-81e6-11ed-96ca-0800277bb8a8">
		2	<topic>gitea -- multiple issues</topic>
		3	<affects>
		4	<package>
		5	<name>gitea</name>
		6	<range><lt>1.17.4</lt></range>
		7	</package>
		8	</affects>
		9	<description>
		10	<body xmlns="http://www.w3.org/1999/xhtml">
		11	<p>The Gitea team reports:</p>
		12	<blockquote cite="https://github.com/go-gitea/gitea/pull/21849">
		13	<p>Do not allow Ghost access to limited visible user/org</p>
		14	</blockquote>
		15	<blockquote cite="https://github.com/go-gitea/gitea/pull/21580">
		16	<p>Fix package access for admins and inactive users</p>
		17	</blockquote>
		18	</body>
		19	</description>
		20	<references>
		21	<url>https://github.com/go-gitea/gitea/releases/tag/v1.17.4</url>
		22	</references>
		23	<dates>
		24	<discovery>2022-10-24</discovery>
		25	<entry>2022-12-22</entry>
		26	</dates>
		27	</vuln>
		28
1	<vuln vid="d9e154c9-7de9-11ed-adca-080027d3a315">	29	<vuln vid="d9e154c9-7de9-11ed-adca-080027d3a315">
2	<topic>typo3 -- multiple vulnerabilities</topic>	30	<topic>typo3 -- multiple vulnerabilities</topic>
3	<affects>	31	<affects>