FreeBSD : gitea -- multiple vulnerabilities (b12a341a-0932-11ea-bf09-080027e0baa0)

high Nessus Plugin ID 131263

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

The Gitea Team reports :

This release contains five security fixes, so we recommend updating :

- Fix issue with user.fullname

- Ignore mentions for users with no access

- Be more strict with git arguments

- Extract the username and password from the mirror url

- Reserve .well-known username

Solution

Update the affected package.

See Also

https://blog.gitea.io/2019/11/gitea-1.10.0-is-released/

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241981

http://www.nessus.org/u?118d3f57

Plugin Details

Severity: High

ID: 131263

File Name: freebsd_pkg_b12a341a093211eabf09080027e0baa0.nasl

Version: 1.1

Type: local

Published: 11/25/2019

Updated: 11/25/2019

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:gitea, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 11/22/2019

Vulnerability Publication Date: 11/17/2019