1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-18 00:10:04 +00:00

www/forgejo: update to 7.0.4 (fixes security vulnerabilities)

CVE-2024-24789: the archive/zip package's handling of certain types of invalid
zip files differs from the behavior of most zip implementations. This
misalignment could be exploited to create an zip file with contents that vary
depending on the implementation reading the file.

PR:		279781
Reported by:	stb@lassitu.de (maintainer)
MFH:		2024Q2
Security:	CVE-2024-24789
This commit is contained in:
Stefan Bethke 2024-06-17 19:16:10 +02:00 committed by Fernando Apesteguía
parent f751fbfe59
commit be43fb2830
2 changed files with 4 additions and 5 deletions

View File

@ -1,7 +1,6 @@
PORTNAME= forgejo
DISTVERSIONPREFIX= v
DISTVERSION= 7.0.3
PORTREVISION= 1
DISTVERSION= 7.0.4
CATEGORIES= www
MASTER_SITES= https://codeberg.org/forgejo/forgejo/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/
DISTNAME= forgejo-src-${DISTVERSION}

View File

@ -1,3 +1,3 @@
TIMESTAMP = 1716464783
SHA256 (forgejo-src-7.0.3.tar.gz) = c9e85222eb27508e74a284cb125df7c6d7cfc31f52c62f1e305d2aeb1bdb7abc
SIZE (forgejo-src-7.0.3.tar.gz) = 54895104
TIMESTAMP = 1718527772
SHA256 (forgejo-src-7.0.4.tar.gz) = 881e55d92a4145238a8e7a39dd5c64d547c7629361005ded0393f33ec9e6bba4
SIZE (forgejo-src-7.0.4.tar.gz) = 54935871