Bug 282387

Summary: www/forgejo: Update 9.0.0 → 9.0.1 (fixes security vulnerabilities)
Product: Ports & Packages Reporter: Stefan Bethke <stb>
Component: Individual Port(s)Assignee: Vladimir Druzenko <vvd>
Status: Closed FIXED    
Severity: Affects Some People CC: marko.cupac, vvd
Priority: --- Flags: stb: maintainer-feedback+
vvd: merge-quarterly+
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://codeberg.org/forgejo/forgejo/milestone/8544
Attachments:
Description Flags
update port to 9.0.1 including vuxml entry none

Description Stefan Bethke 2024-10-28 16:23:41 UTC 
Created attachment 254597 [details]
update port to 9.0.1 including vuxml entry

Release notes: https://codeberg.org/forgejo/forgejo/milestone/8544
Comment 1 commit-hook freebsd_committer freebsd_triage 2024-10-29 15:27:19 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=43e383b8b4bd5d8325a83ac4daa1617b8fcae4e0

commit 43e383b8b4bd5d8325a83ac4daa1617b8fcae4e0
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2024-10-29 15:24:02 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-10-29 15:24:02 +0000

    security/vuxml: add record for www/forgejo < 9.0.1 and www/forgejo7 < 7.0.10

    https://codeberg.org/forgejo/forgejo/milestone/8544
    https://codeberg.org/forgejo/forgejo/pulls/5719
    https://codeberg.org/forgejo/forgejo/pulls/5718

    PR:     282387

 security/vuxml/vuln/2024.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
Comment 2 commit-hook freebsd_committer freebsd_triage 2024-10-29 15:27:20 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b56cd15e5b4777fcc02cc6b3e81e6f096c692f83

commit b56cd15e5b4777fcc02cc6b3e81e6f096c692f83
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2024-10-29 15:20:59 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-10-29 15:20:59 +0000

    www/forgejo: Update 9.0.0 → 9.0.1 (fixes security vulnerabilities)

    Changelog:
    https://codeberg.org/forgejo/forgejo/milestone/8544

    PR:     282387
    MFH:    2024Q4

 www/forgejo/Makefile | 2 +-
 www/forgejo/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 3 commit-hook freebsd_committer freebsd_triage 2024-10-29 15:48:28 UTC 
A commit in branch 2024Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=32a516a2434fbb1fb2e87463cf95c045afc46f36

commit 32a516a2434fbb1fb2e87463cf95c045afc46f36
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2024-10-29 15:20:59 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-10-29 15:47:56 +0000

    www/forgejo: Update 9.0.0 → 9.0.1 (fixes security vulnerabilities)

    Changelog:
    https://codeberg.org/forgejo/forgejo/milestone/8544

    PR:     282387
    MFH:    2024Q4
    (cherry picked from commit b56cd15e5b4777fcc02cc6b3e81e6f096c692f83)

 www/forgejo/Makefile | 2 +-
 www/forgejo/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 4 Vladimir Druzenko freebsd_committer freebsd_triage 2024-10-29 15:55:06 UTC 
Thanks.

Marko Cupać, www/forgejo7 need update too.
Comment 5 Marko Cupać 2024-10-29 18:10:56 UTC 
(In reply to Vladimir Druzenko from comment #4)

Hi,

I have patch ready but forgejo7 needs at least lang/go122 at 1.22.7, while version in ports is still at 1.22.6.

There's bug #281842 waiting to be committed. Any chance to speed it up?
Comment 6 Marko Cupać 2024-10-29 18:26:57 UTC 
I submitted patch to upgrade www/forgejo7 to 7.0.10 in bug #282408