Bug 254930 - www/gitea: Update to 1.13.7 (fixes security vulnerabilities)
Summary: www/gitea: Update to 1.13.7 (fixes security vulnerabilities)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Adam Weinberger
URL:
Keywords: needs-qa, security
Depends on:
Blocks:
 
Reported: 2021-04-09 21:50 UTC by stb
Modified: 2021-04-10 02:09 UTC (History)
1 user (show)

See Also:
koobs: merge-quarterly+


Attachments
Entry for gitea 1.13.7 (1.23 KB, patch)
2021-04-09 21:53 UTC, stb
no flags Details | Diff
Update gite port to 1.13.7 (895 bytes, patch)
2021-04-09 21:54 UTC, stb
stb: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description stb 2021-04-09 21:50:10 UTC
Release 1.13.7 fixes two security issues, and five bugs.

Release notes:

https://blog.gitea.io/2021/04/gitea-1.13.7-is-released/
Comment 1 stb 2021-04-09 21:52:06 UTC
$ make validate
/bin/sh /usr/home/vagrant/vuxml/files/tidy.sh "/usr/home/vagrant/vuxml/files/tidy.xsl" "/usr/home/vagrant/vuxml/vuln-flat.xml" > "/usr/home/vagrant/vuxml/vuln.xml.tidy"
>>> Validating...
/usr/local/bin/xmllint --valid --noout /usr/home/vagrant/vuxml/vuln-flat.xml
>>> Successful.
Checking if tidy differs...
... seems okay
Checking for space/tab...
... seems okay
/usr/local/bin/python3.7 /usr/home/vagrant/vuxml/files/extra-validation.py /usr/home/vagrant/vuxml/vuln-flat.xml
Warning: description too long (6137 chars, 5000 is warning threshold): f00b65d8-7ccb-11eb-b3be-e09467587c17)
Comment 2 stb 2021-04-09 21:53:10 UTC
Created attachment 223960 [details]
Entry for gitea 1.13.7
Comment 3 stb 2021-04-09 21:54:36 UTC
Created attachment 223961 [details]
Update gite port to 1.13.7
Comment 4 commit-hook freebsd_committer 2021-04-09 22:10:21 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b3cd19559e13396d1f4da829fb2f2f6a8cd043eb

commit b3cd19559e13396d1f4da829fb2f2f6a8cd043eb
Author:     Adam Weinberger <adamw@FreeBSD.org>
AuthorDate: 2021-04-09 22:08:57 +0000
Commit:     Adam Weinberger <adamw@FreeBSD.org>
CommitDate: 2021-04-09 22:08:57 +0000

    security/vuxml: Add entry for gitea < 1.13.7

    PR:     254930
    Submitted by:   Stefan Bethke

 security/vuxml/vuln.xml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
Comment 5 commit-hook freebsd_committer 2021-04-09 22:10:22 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=1b3c61ca16dede523580c3919427e7c09e5c6660

commit 1b3c61ca16dede523580c3919427e7c09e5c6660
Author:     Adam Weinberger <adamw@FreeBSD.org>
AuthorDate: 2021-04-09 22:06:40 +0000
Commit:     Adam Weinberger <adamw@FreeBSD.org>
CommitDate: 2021-04-09 22:06:40 +0000

    www/gitea: Update to 1.13.7

    PR:     254930
    Submitted by:   maintainer

 www/gitea/Makefile | 2 +-
 www/gitea/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 6 commit-hook freebsd_committer 2021-04-09 22:12:23 UTC
A commit in branch 2021Q2 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=78ba3b7c50e7f26ba87866cb611ea81d0fee7989

commit 78ba3b7c50e7f26ba87866cb611ea81d0fee7989
Author:     Adam Weinberger <adamw@FreeBSD.org>
AuthorDate: 2021-04-09 22:06:40 +0000
Commit:     Adam Weinberger <adamw@FreeBSD.org>
CommitDate: 2021-04-09 22:11:51 +0000

    www/gitea: Update to 1.13.7

    PR:     254930
    Submitted by:   maintainer

 www/gitea/Makefile | 2 +-
 www/gitea/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 7 Adam Weinberger freebsd_committer 2021-04-09 22:15:07 UTC
This is committed and merged to quarterly.