FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gitea -- multiple vulnerabilities

Affected packages
		gitea	<	1.10.3

Details

VuXML ID	a512a412-3a33-11ea-af63-0800274e5f20
Discovery	2019-11-22
Entry	2020-01-18

The Gitea Team reports:

Hide credentials when submitting migration

Never allow an empty password to validate

Prevent redirect to Host

Hide public repos owned by private orgs

[source]

References

FreeBSD PR	ports/243437
URL	https://github.com/go-gitea/gitea/releases/tag/v1.10.3