[Bug 273379] www/gitea: Update to 1.20.3 (fixes security vulnerabilities)

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 273379] www/gitea: Update to 1.20.3 (fixes security vulnerabilities)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 27 Aug 2023 08:46:20 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273379

Graham Perrin ◐ <grahamperrin@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |grahamperrin@gmail.com,
                   |                            |ports-secteam@FreeBSD.org
              Flags|                            |merge-quarterly?

--- Comment #1 from Graham Perrin ◐ <grahamperrin@gmail.com> ---
<https://github.com/go-gitea/gitea/pull/25097#issue-1743460192> (opening post): 

> … not really a security issue, …

<https://github.com/go-gitea/gitea/pull/25097#issuecomment-1579149601>: 

> I would argue that this _is_ in fact a security issue? …

Any arguments asid, <https://blog.gitea.com/release-of-1.20.3/#changelog> does
authoritatively place 25097 (and 26350) under the heading of SECURITY, so, I
reckon: 

* Bugzilla keyword security

* affects many people

* maximise the priority, to normal.

-- 
You are receiving this mail because:
You are the assignee for the bug.