Created attachment 251995 [details] devel/gogs patch Hi, see the patch attached that updates devel/gogs to 0.13.0 and incorporates some CVE-addressing patches from Sonarsource. Also see diff D45955
Could someone take a look at this? This is relevant about the CVEs: https://github.com/gogs/gogs/issues/7777https://github.com/gogs/gogs/issues/7777
Maintanier reset.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=07dccc2562cb3da78c740bb73c045ed597900bb0 commit 07dccc2562cb3da78c740bb73c045ed597900bb0 Author: Fernando Apesteguía <fernape@FreeBSD.org> AuthorDate: 2025-04-14 08:25:14 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2025-04-15 06:23:02 +0000 security/vuxml: add gogs vulnerabilities * CVE-2024-39930 * CVE-2024-39931 * CVE-2024-39932 * CVE-2024-39933 * CVE-2024-44625 PR: 280241 security/vuxml/vuln/2024.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+)