FreeBSD Bugzilla – Attachment 203703 Details for
Bug 237303
www/gitea: Update to 1.7.6 (fixes security vulnerability)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
vuln.xml entry for the security vulnerability fixed in 1.7.6
vuln-gitea-1.7.6.patch (text/plain), 1.14 KB, created by
Stefan Bethke
on 2019-04-15 19:46:46 UTC
(
hide
)
Description:
vuln.xml entry for the security vulnerability fixed in 1.7.6
Filename:
MIME Type:
Creator:
Stefan Bethke
Created:
2019-04-15 19:46:46 UTC
Size:
1.14 KB
patch
obsolete
>Index: vuln.xml >=================================================================== >--- vuln.xml (revision 499043) >+++ vuln.xml (working copy) >@@ -58,6 +58,31 @@ > * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="b747783f-5fb6-11e9-b2ac-08002705f877"> >+ <topic>gitea -- remote code execution</topic> >+ <affects> >+ <package> >+ <name>gitea</name> >+ <range><lt>1.7.5</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The Gitea team reports:</p> >+ <blockquote cite="https://blog.gitea.io/2019/04/gitea-1.7.6-is-released/"> >+ <p>Prevent remote code execution vulnerability with mirror repo URL settings</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>https://blog.gitea.io/2019/04/gitea-1.7.6-is-released/</url> >+ </references> >+ <dates> >+ <discovery>2019-03-12</discovery> >+ <entry>2019-03-20</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="4e1997e8-5de0-11e9-b95c-b499baebfeaf"> > <topic>MySQL -- multiple vulnerabilities</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=203703">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 237303
:
203702
| 203703