diff options
| author | Stefan Bethke <stb@lassitu.de> | 2024-06-17 19:16:10 +0200 |
|---|---|---|
| committer | Fernando ApesteguĂa <fernape@FreeBSD.org> | 2024-06-19 08:42:50 +0200 |
| commit | d18807bcfba5dd79b8d8fdce2c6baf9f962fa69f (patch) | |
| tree | 109260f617adb7b8c08e8de1dfeacdd8a3e6ec76 | |
| parent | 8e227742d596fc80c700f4a0ee80726e987da0ad (diff) | |
| download | freebsd-ports-d18807bcfba5dd79b8d8fdce2c6baf9f962fa69f.zip | |
www/forgejo: update to 7.0.4 (fixes security vulnerabilities)
CVE-2024-24789: the archive/zip package's handling of certain types of invalid
zip files differs from the behavior of most zip implementations. This
misalignment could be exploited to create an zip file with contents that vary
depending on the implementation reading the file.
PR: 279781
Reported by: stb@lassitu.de (maintainer)
MFH: 2024Q2
Security: CVE-2024-24789
(cherry picked from commit be43fb2830c94e23e0d9aa49ef9b982b0ab31e2c)
| -rw-r--r-- | www/forgejo/Makefile | 3 | ||||
| -rw-r--r-- | www/forgejo/distinfo | 6 |
2 files changed, 4 insertions, 5 deletions
diff --git a/www/forgejo/Makefile b/www/forgejo/Makefile index 5ce85017635c..67963a09227c 100644 --- a/www/forgejo/Makefile +++ b/www/forgejo/Makefile @@ -1,7 +1,6 @@ PORTNAME= forgejo DISTVERSIONPREFIX= v -DISTVERSION= 1.21.10-0 -PORTREVISION= 3 +DISTVERSION= 7.0.4 CATEGORIES= www MASTER_SITES= https://codeberg.org/forgejo/forgejo/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/ DISTNAME= forgejo-src-${DISTVERSION} diff --git a/www/forgejo/distinfo b/www/forgejo/distinfo index 35e0c2d393a7..e60439031aae 100644 --- a/www/forgejo/distinfo +++ b/www/forgejo/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1712360403 -SHA256 (forgejo-src-1.21.10-0.tar.gz) = 0cc21835404e40355cf7125b479efebb1fecf2cc17d018d4d54521d75943caf5 -SIZE (forgejo-src-1.21.10-0.tar.gz) = 58820868 +TIMESTAMP = 1718527772 +SHA256 (forgejo-src-7.0.4.tar.gz) = 881e55d92a4145238a8e7a39dd5c64d547c7629361005ded0393f33ec9e6bba4 +SIZE (forgejo-src-7.0.4.tar.gz) = 54935871 |