Attachment #241028 for bug #270377

View | Details | Raw Unified | Return to bug 270377
Collapse All | Expand All




  <vuln vid="cb2c143c-c78b-11ed-9fca-ad77f88e2433">
    <topic>gitea -- multiple issues</topic>
    <affects>
      <package>
	<name>gitea</name>
	<range><lt>1.19.0</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Gitea team reports:</p>
	<blockquote cite="https://github.com/go-gitea/gitea/pull/23155">
	  <p>Return 404 instead of 403 if user can not access the repo</p>
	</blockquote>
	<blockquote cite="https://github.com/go-gitea/gitea/pull/20908">
	  <p>Support scoped access tokens</p>
	  <p>This PR adds the support for scopes of access tokens, mimicking
	    the design of GitHub OAuth scopes.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://blog.gitea.io/2023/03/gitea-1.19.0-is-released/</url>
    </references>
    <dates>
      <discovery>2022-02-25</discovery>
      <entry>2023-03-20</entry>
    </dates>
  </vuln>

  <vuln vid="0d7d104c-c6fb-11ed-8a4b-080027f5fec9">
    <topic>curl -- multiple vulnerabilities</topic>
    <affects>

Lines 1-7 Link Here

(-)b/www/gitea/Makefile (-2 / +1 lines)
1	PORTNAME= gitea	1	PORTNAME= gitea
2	DISTVERSIONPREFIX= v	2	DISTVERSIONPREFIX= v
3	DISTVERSION= 1.18.5	3	DISTVERSION= 1.19.0
4	PORTREVISION= 1
5	CATEGORIES= www	4	CATEGORIES= www
6	MASTER_SITES= https://github.com/go-gitea/gitea/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ \	5	MASTER_SITES= https://github.com/go-gitea/gitea/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ \
7	https://dl.gitea.io/gitea/${DISTVERSION}/	6	https://dl.gitea.io/gitea/${DISTVERSION}/

Lines 1-3 Link Here

(-)b/www/gitea/distinfo (-3 / +3 lines)
1	TIMESTAMP = 1677235894	1	TIMESTAMP = 1679363070
2	SHA256 (gitea-src-1.18.5.tar.gz) = 3863e7e1f92761fce6b808ba08bf26fc8878b9136b6950e6a419b6d2a4f794a9	2	SHA256 (gitea-src-1.19.0.tar.gz) = f670f35d2198c58c37e3f1249a3e3855d18b56146c18bd9ee607f2a323d4a864
3	SIZE (gitea-src-1.18.5.tar.gz) = 55521804	3	SIZE (gitea-src-1.19.0.tar.gz) = 55075556

Return to bug 270377

Lines 1-3 Link Here

(-)b/security/vuxml/vuln/2023.xml (+30 lines)
		1	<vuln vid="cb2c143c-c78b-11ed-9fca-ad77f88e2433">
		2	<topic>gitea -- multiple issues</topic>
		3	<affects>
		4	<package>
		5	<name>gitea</name>
		6	<range><lt>1.19.0</lt></range>
		7	</package>
		8	</affects>
		9	<description>
		10	<body xmlns="http://www.w3.org/1999/xhtml">
		11	<p>The Gitea team reports:</p>
		12	<blockquote cite="https://github.com/go-gitea/gitea/pull/23155">
		13	<p>Return 404 instead of 403 if user can not access the repo</p>
		14	</blockquote>
		15	<blockquote cite="https://github.com/go-gitea/gitea/pull/20908">
		16	<p>Support scoped access tokens</p>
		17	<p>This PR adds the support for scopes of access tokens, mimicking
		18	the design of GitHub OAuth scopes.</p>
		19	</blockquote>
		20	</body>
		21	</description>
		22	<references>
		23	<url>https://blog.gitea.io/2023/03/gitea-1.19.0-is-released/</url>
		24	</references>
		25	<dates>
		26	<discovery>2022-02-25</discovery>
		27	<entry>2023-03-20</entry>
		28	</dates>
		29	</vuln>
		30
1	<vuln vid="0d7d104c-c6fb-11ed-8a4b-080027f5fec9">	31	<vuln vid="0d7d104c-c6fb-11ed-8a4b-080027f5fec9">
2	<topic>curl -- multiple vulnerabilities</topic>	32	<topic>curl -- multiple vulnerabilities</topic>
3	<affects>	33	<affects>