FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gitea -- multiple vulnerabilities

Affected packages
gitea < 1.7.0

Details

VuXML ID 7f6146aa-2157-11e9-9ba0-4c72b94353b5
Discovery 2019-01-22
Entry 2019-01-26

Gitea Team reports:

Do not display the raw OpenID error in the UI

When redirecting clean the path to avoid redirecting to external site

Prevent DeleteFilePost doing arbitrary deletion

[source]

References

URL https://github.com/go-gitea/gitea/releases/tag/v1.7.0

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.