Date: Fri, 10 Aug 2018 23:15:46 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 230512] www/gitea: Update to 1.5.0 (Fixes security vulnerabilities) Message-ID: <bug-230512-7788-sDOyoQZ7SF@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-230512-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-230512-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230512 --- Comment #6 from Kubilay Kocak <koobs@FreeBSD.org> --- (In reply to stb from comment #5) One may just relay what the project provides. In this case there are 3 secu= rity fixes, each with pull request/issue descriptions: """ The Gitea project documents 3 fixed security issues: Check that repositories can only be migrated to own user or organizations (#4366) (#4370) Limit uploaded avatar image-size to 4096px x 3072px by default (#4353) Do not allow to reuse TOTP passcode (#3878) """ Add the pull-request/issue url's to <url></url> blocks If there are CVE references, add those as <cvename></cvename> blocks --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-230512-7788-sDOyoQZ7SF>