Bug 246892

Summary: www/gitea: Update to 1.11.6 (fixes security vulnerabilities)
Product: Ports & Packages Reporter: Stefan Bethke <stb>
Component: Individual Port(s)Assignee: Adam Weinberger <adamw>
Status: Closed FIXED    
Severity: Affects Many People CC: adamw, ports-secteam
Priority: Normal Keywords: needs-qa, security
Version: LatestFlags: koobs: merge-quarterly?
Hardware: Any   
OS: Any   
URL: https://github.com/go-gitea/gitea/releases/tag/v1.11.6
Attachments:
Description Flags
patch to update gite aport to 1.11.6
none
vuxml entry for the two security vulnerabilities none

Description Stefan Bethke 2020-05-31 09:19:54 UTC 
Update Gitea to 1.11.6

This release fixes two security issues and 14 bugs.

Release notes: https://github.com/go-gitea/gitea/releases/tag/v1.11.6

And despite /some/ work being done on the invalid Go template syntax for the Wiki pages, the main bug has not been fixed and merged, so the patch still is required.
Comment 1 Stefan Bethke 2020-05-31 09:21:13 UTC 
Created attachment 215095 [details]
patch to update gite aport to 1.11.6
Comment 2 Stefan Bethke 2020-05-31 09:28:01 UTC 
Created attachment 215096 [details]
vuxml entry for the two security vulnerabilities
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2020-05-31 09:30:15 UTC 
Thank you for your report and patches

^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval

Attachment -> Details -> maintainer-approval [+]
Comment 4 commit-hook freebsd_committer freebsd_triage 2020-05-31 10:52:06 UTC 
A commit references this bug:

Author: adamw
Date: Sun May 31 10:51:55 UTC 2020
New revision: 537149
URL: https://svnweb.freebsd.org/changeset/ports/537149

Log:
  gitea: Update to 1.11.6

  Update Gitea to 1.11.6

  This release fixes two security issues and 14 bugs.

  Release notes: https://github.com/go-gitea/gitea/releases/tag/v1.11.6

  And despite /some/ work being done on the invalid Go template syntax for the
  Wiki pages, the main bug has not been fixed and merged, so the patch still is
  required.

  PR:		246892
  Submitted by:	maintainer
  MFH:		2020Q2
  Relnotes:	https://github.com/go-gitea/gitea/releases/tag/v1.11.6
  Security:	yes, see Relnotes

Changes:
  head/www/gitea/Makefile
  head/www/gitea/distinfo
Comment 5 commit-hook freebsd_committer freebsd_triage 2020-05-31 10:54:07 UTC 
A commit references this bug:

Author: adamw
Date: Sun May 31 10:53:13 UTC 2020
New revision: 537150
URL: https://svnweb.freebsd.org/changeset/ports/537150

Log:
  VuXML: Add entry for gitea < 1.11.6

  PR:		246892
  Submitted by:	maintainer

Changes:
  head/security/vuxml/vuln.xml
Comment 6 commit-hook freebsd_committer freebsd_triage 2020-05-31 10:59:11 UTC 
A commit references this bug:

Author: adamw
Date: Sun May 31 10:58:30 UTC 2020
New revision: 537152
URL: https://svnweb.freebsd.org/changeset/ports/537152

Log:
  MFH: r534858 r537149

  gitea: Update to 1.11.5

  This release fixes 22 bugs, and includes two enhancements.

  Release notes: https://github.com/go-gitea/gitea/releases/tag/v1.11.5

  PR:		246353
  Submitted by:	maintainer

  gitea: Update to 1.11.6

  Update Gitea to 1.11.6

  This release fixes two security issues and 14 bugs.

  Release notes: https://github.com/go-gitea/gitea/releases/tag/v1.11.6

  And despite /some/ work being done on the invalid Go template syntax for the
  Wiki pages, the main bug has not been fixed and merged, so the patch still is
  required.

  PR:		246892
  Submitted by:	maintainer
  Relnotes:	https://github.com/go-gitea/gitea/releases/tag/v1.11.6
  Security:	yes, see Relnotes

  Approved by:	portmgr (with hat)

Changes:
_U  branches/2020Q2/
  branches/2020Q2/www/gitea/Makefile
  branches/2020Q2/www/gitea/distinfo
Comment 7 Adam Weinberger freebsd_committer freebsd_triage 2020-05-31 11:00:16 UTC 
Committed. We both missed resetting PORTREVISION, oops.