Bug 280241 - devel/gogs: Update to 0.13.0
Summary: devel/gogs: Update to 0.13.0
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-07-12 17:36 UTC by Juraj Lutter
Modified: 2025-04-15 06:24 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (dmgk)


Attachments
devel/gogs patch (10.65 KB, patch)
2024-07-12 17:36 UTC, Juraj Lutter
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Juraj Lutter freebsd_committer freebsd_triage 2024-07-12 17:36:17 UTC
Created attachment 251995 [details]
devel/gogs patch

Hi,

see the patch attached that updates devel/gogs to 0.13.0 and incorporates some CVE-addressing patches from Sonarsource.

Also see diff D45955
Comment 1 Henrich Hartzer 2024-11-07 17:03:21 UTC
Could someone take a look at this?

This is relevant about the CVEs: https://github.com/gogs/gogs/issues/7777https://github.com/gogs/gogs/issues/7777
Comment 2 Rene Ladan freebsd_committer freebsd_triage 2025-04-09 20:04:05 UTC
Maintanier reset.
Comment 3 commit-hook freebsd_committer freebsd_triage 2025-04-15 06:24:10 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=07dccc2562cb3da78c740bb73c045ed597900bb0

commit 07dccc2562cb3da78c740bb73c045ed597900bb0
Author:     Fernando Apesteguía <fernape@FreeBSD.org>
AuthorDate: 2025-04-14 08:25:14 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2025-04-15 06:23:02 +0000

    security/vuxml: add gogs vulnerabilities

     * CVE-2024-39930
     * CVE-2024-39931
     * CVE-2024-39932
     * CVE-2024-39933
     * CVE-2024-44625

    PR:     280241

 security/vuxml/vuln/2024.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)