Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 19 Jun 2024 06:37:29 GMT
From:      Fernando =?utf-8?Q?Apestegu=C3=ADa?= <fernape@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: be43fb2830c9 - main - www/forgejo: update to 7.0.4 (fixes security vulnerabilities)
Message-ID:  <202406190637.45J6bTCQ076953@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by fernape:

URL: https://cgit.FreeBSD.org/ports/commit/?id=be43fb2830c94e23e0d9aa49ef9b982b0ab31e2c

commit be43fb2830c94e23e0d9aa49ef9b982b0ab31e2c
Author:     Stefan Bethke <stb@lassitu.de>
AuthorDate: 2024-06-17 17:16:10 +0000
Commit:     Fernando ApesteguĂ­a <fernape@FreeBSD.org>
CommitDate: 2024-06-19 06:37:17 +0000

    www/forgejo: update to 7.0.4 (fixes security vulnerabilities)
    
    CVE-2024-24789: the archive/zip package's handling of certain types of invalid
    zip files differs from the behavior of most zip implementations. This
    misalignment could be exploited to create an zip file with contents that vary
    depending on the implementation reading the file.
    
    PR:             279781
    Reported by:    stb@lassitu.de (maintainer)
    MFH:            2024Q2
    Security:       CVE-2024-24789
---
 www/forgejo/Makefile | 3 +--
 www/forgejo/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/www/forgejo/Makefile b/www/forgejo/Makefile
index fb6728294317..1f2696736529 100644
--- a/www/forgejo/Makefile
+++ b/www/forgejo/Makefile
@@ -1,7 +1,6 @@
 PORTNAME=	forgejo
 DISTVERSIONPREFIX=	v
-DISTVERSION=	7.0.3
-PORTREVISION=	1
+DISTVERSION=	7.0.4
 CATEGORIES=	www
 MASTER_SITES=	https://codeberg.org/forgejo/forgejo/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/
 DISTNAME=	forgejo-src-${DISTVERSION}
diff --git a/www/forgejo/distinfo b/www/forgejo/distinfo
index 18205d8b2c4b..e60439031aae 100644
--- a/www/forgejo/distinfo
+++ b/www/forgejo/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1716464783
-SHA256 (forgejo-src-7.0.3.tar.gz) = c9e85222eb27508e74a284cb125df7c6d7cfc31f52c62f1e305d2aeb1bdb7abc
-SIZE (forgejo-src-7.0.3.tar.gz) = 54895104
+TIMESTAMP = 1718527772
+SHA256 (forgejo-src-7.0.4.tar.gz) = 881e55d92a4145238a8e7a39dd5c64d547c7629361005ded0393f33ec9e6bba4
+SIZE (forgejo-src-7.0.4.tar.gz) = 54935871

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202406190637.45J6bTCQ076953>