git: 83ec241c5420 - main - security/vuxml: Add record for www/gitea: Fix bug when a token is given public only
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 09 Oct 2024 22:10:10 UTC
The branch main has been updated by vvd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=83ec241c5420ce9ccf1195c0f8db95e87cd1f31b
commit 83ec241c5420ce9ccf1195c0f8db95e87cd1f31b
Author: Stefan Bethke <stb@lassitu.de>
AuthorDate: 2024-10-09 22:08:03 +0000
Commit: Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-10-09 22:08:03 +0000
security/vuxml: Add record for www/gitea: Fix bug when a token is given public only
PR: 281949
---
security/vuxml/vuln/2024.xml | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml
index 35d4997cca74..8251468be639 100644
--- a/security/vuxml/vuln/2024.xml
+++ b/security/vuxml/vuln/2024.xml
@@ -1,3 +1,28 @@
+ <vuln vid="79b1f4ee-860a-11ef-b2dc-cbccbf25b7ea">
+ <topic>gitea -- token missing access control for packages</topic>
+ <affects>
+ <package>
+ <name>gitea</name>
+ <range><lt>1.22.3</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <h1>Problem Description:</h1>
+ <ul>
+ <li>Fix bug when a token is given public only</li>
+ </ul>
+ </body>
+ </description>
+ <references>
+ <url>https://github.com/go-gitea/gitea/pull/32204</url>
+ </references>
+ <dates>
+ <discovery>2024-10-06</discovery>
+ <entry>2024-10-09</entry>
+ </dates>
+ </vuln>
+
<vuln vid="8727b513-855b-11ef-9e50-6805ca2fa271">
<topic>powerdns-recursor -- denial of service</topic>
<affects>
@@ -24,6 +49,7 @@
<entry>2024-10-09</entry>
</dates>
</vuln>
+
<vuln vid="7217f6e8-3ff4-4387-845d-d1744bb7f95e">
<topic>chromium -- multiple security fixes</topic>
<affects>