Date: Sat, 2 Feb 2019 01:26:48 +0000 (UTC) From: Joseph Mingrone <jrm@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r491910 - head/security/vuxml Message-ID: <201902020126.x121Qm6J033256@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jrm Date: Sat Feb 2 01:26:48 2019 New Revision: 491910 URL: https://svnweb.freebsd.org/changeset/ports/491910 Log: security/vuxml: Document Gitea < 1.7.1 vulnerabilities PR: 235399 Submitted by: stb@lassitu.de (www/gitea maintainer) Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Feb 2 01:26:39 2019 (r491909) +++ head/security/vuxml/vuln.xml Sat Feb 2 01:26:48 2019 (r491910) @@ -58,6 +58,33 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="41c1cd6f-2645-11e9-b5f1-080027fee39c"> + <topic>gitea -- multiple vulnerabilities</topic> + <affects> + <package> + <name>gitea</name> + <range><lt>1.7.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Gitea Team reports:</p> + <blockquote cite="https://github.com/go-gitea/gitea/releases/tag/v1.7.0"> + <p>Disable redirect for i18n</p> + <p>Only allow local login if password is non-empty</p> + <p>Fix go-get URL generation</p> + </blockquote> + </body> + </description> + <references> + <url>https://github.com/go-gitea/gitea/releases/tag/v1.7.1</url> + </references> + <dates> + <discovery>2019-01-31</discovery> + <entry>2019-02-01</entry> + </dates> + </vuln> + <vuln vid="22b90fe6-258e-11e9-9c8d-6805ca0b3d42"> <topic>p5-Email-Address-List -- DDoS related vulnerability</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201902020126.x121Qm6J033256>