Branch p8 update bulletin.

Package gitea updated to version 1.7.4-alt1 for branch p8 in task 225381.

Published: 2019-07-11
Modified: 2024-11-21

CVE-2019-1010314

Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting (XSS). The impact is: execute JavaScript in victim's browser, when the vulnerable repo page is loaded. The component is: repository's description. The attack vector is: victim must navigate to public and affected repo page.

Severity: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

https://github.com/go-gitea/gitea/releases
https://github.com/go-gitea/gitea/releases

Package rpm updated to version 4.0.4-alt101.M80P.5.2 for branch p8 in task 224974.

use one command definition for %make_build

Шебанг #!/usr/bin/env bash не распознается /usr/lib/rpm/shell.req

line 53: warning: here-document at line 51 delimited by end-of-file

Version: 2.1.0

Branch p8 update on 2019-03-27

ALT-BU-2019-3569-1

ALT-PU-2019-1522-1

Closed vulnerabilities

CVE-2019-1010314

ALT-PU-2019-1528-1

Closed bugs

Bug #34237

Bug #35376

Bug #35803