mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-28 09:21:13 -05:00
[RELEASE] v1.21.7-0 release notes (cosmetic changes)
This commit is contained in:
parent
c2f4fcca5a
commit
4565f5fbc9
1 changed files with 8 additions and 4 deletions
|
@ -13,10 +13,7 @@ $ git clone https://codeberg.org/forgejo/forgejo/
|
|||
$ git -C forgejo log --oneline --no-merges v1.21.6-0..v1.21.7-0
|
||||
```
|
||||
|
||||
This stable release contains bug fixes and a **security fix**. It was built with Go v1.21.8 which [includes vulnerability fixes](https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg).
|
||||
|
||||
* [CVE-2023-45290](https://go.dev/issue/65383) which could lead to memory exhaustion when parsing a multipart form.
|
||||
* [CVE-2023-45289](https://go.dev/issue/65065) which could allow incorrect forwarding of sensitive headers and cookies on HTTP redirect.
|
||||
This stable release contains bug fixes and a **security fix**.
|
||||
|
||||
* Recommended Action
|
||||
|
||||
|
@ -26,6 +23,13 @@ This stable release contains bug fixes and a **security fix**. It was built with
|
|||
|
||||
The semantic version was updated to `6.0.7+0-gitea-1.21.7`
|
||||
|
||||
* Built with Go 1.21.8
|
||||
|
||||
It [includes vulnerability fixes](https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg).
|
||||
|
||||
* [CVE-2023-45290](https://go.dev/issue/65383) which could lead to memory exhaustion when parsing a multipart form.
|
||||
* [CVE-2023-45289](https://go.dev/issue/65065) which could allow incorrect forwarding of sensitive headers and cookies on HTTP redirect.
|
||||
|
||||
* Security fix
|
||||
|
||||
* The google.golang.org/protobuf module was bumped to version v1.33.0 to fix a bug in the google.golang.org/protobuf/encoding/protojson package which could cause the Unmarshal function to enter an infinite loop when handling some invalid inputs. [Read more in the announcement](https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY).
|
||||
|
|
Loading…
Reference in a new issue