FreeBSD Bugzilla – Attachment 243263 Details for
Bug 272380
www/gitea: Update to 1.19.4 (fixes security vulnerabilities)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Update port and vuxml
gitea-1.19.4.patch (text/plain), 2.12 KB, created by
Stefan Bethke
on 2023-07-05 10:41:46 UTC
(
hide
)
Description:
Update port and vuxml
Filename:
MIME Type:
Creator:
Stefan Bethke
Created:
2023-07-05 10:41:46 UTC
Size:
2.12 KB
patch
obsolete
>diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml >index 473c19021b04..36559507d5b6 100644 >--- a/security/vuxml/vuln/2023.xml >+++ b/security/vuxml/vuln/2023.xml >@@ -1,3 +1,31 @@ >+ <vuln vid="8ea24413-1b15-11ee-9331-570525adb7f1"> >+ <topic>gitea -- avoid open HTTP redirects</topic> >+ <affects> >+ <package> >+ <name>gitea</name> >+ <range><lt>1.19.4</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The Gitea team reports:</p> >+ <blockquote cite="https://github.com/go-gitea/gitea/pull/25143"> >+ <p>If redirect_to parameter has set value starting with >+ \\example.com redirect will be created with header Location: >+ /\\example.com that will redirect to example.com domain.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>https://blog.gitea.io/2023/07/gitea-1.19.4-is-released/</url> >+ <url>https://github.com/go-gitea/gitea/releases/tag/v1.19.4</url> >+ </references> >+ <dates> >+ <discovery>2023-06-08</discovery> >+ <entry>2023-07-05</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="01eeea33-1afa-11ee-8a9b-b42e991fc52e"> > <topic>phpldapadmin -- XSS vulnerability</topic> > <affects> >diff --git a/www/gitea/Makefile b/www/gitea/Makefile >index 782053b4a3e0..7b07a52bde93 100644 >--- a/www/gitea/Makefile >+++ b/www/gitea/Makefile >@@ -1,6 +1,6 @@ > PORTNAME= gitea > DISTVERSIONPREFIX= v >-DISTVERSION= 1.19.3 >+DISTVERSION= 1.19.4 > CATEGORIES= www > MASTER_SITES= https://github.com/go-gitea/gitea/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ \ > https://dl.gitea.io/gitea/${DISTVERSION}/ >diff --git a/www/gitea/distinfo b/www/gitea/distinfo >index d6d143aa1049..ec1c92eb90df 100644 >--- a/www/gitea/distinfo >+++ b/www/gitea/distinfo >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1685483917 >-SHA256 (gitea-src-1.19.3.tar.gz) = ad2bc17929c9df9e986daeed6578344b5d59473626177c673a5e19509f17418c >-SIZE (gitea-src-1.19.3.tar.gz) = 55634848 >+TIMESTAMP = 1688548753 >+SHA256 (gitea-src-1.19.4.tar.gz) = bcd30d10a32952854b506c0f3d584b29f1251668c25a06476398b596236cfb19 >+SIZE (gitea-src-1.19.4.tar.gz) = 55781048
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=243263">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 272380
: 243263