FreeBSD Bugzilla – Attachment 200831 Details for
Bug 234659
www/gitea: Update to 1.6.3 (fixes security vulnerability)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch to vuxml documenting the gitea vulnerability
vuxml-gitea-1.6.3.patch (text/plain), 1.16 KB, created by
Stefan Bethke
on 2019-01-06 10:45:33 UTC
(
hide
)
Description:
patch to vuxml documenting the gitea vulnerability
Filename:
MIME Type:
Creator:
Stefan Bethke
Created:
2019-01-06 10:45:33 UTC
Size:
1.16 KB
patch
obsolete
>Index: vuln.xml >=================================================================== >--- vuln.xml (revision 489454) >+++ vuln.xml (working copy) >@@ -58,6 +58,34 @@ > * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="63e36475-119f-11e9-aba7-080027fee39c"> >+ <topic>gitea -- insufficient privilege check</topic> >+ <affects> >+ <package> >+ <name>gitea</name> >+ <range><lt>1.6.3</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The Gitea project reports:</p> >+ <blockquote cite="https://blog.gitea.io/2019/01/release-of-1.6.3/"> >+ <p>Security</p> >+ <ul> >+ <li>Prevent DeleteFilePost doing arbitrary deletion</li> >+ </ul> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>https://github.com/go-gitea/gitea/issues/5631</url> >+ </references> >+ <dates> >+ <discovery>2019-01-04</discovery> >+ <entry>2018-01-06</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="720590df-10eb-11e9-b407-080027ef1a23"> > <topic>chromium -- Use after free in PDFium</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=200831">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 234659
:
200830
| 200831