Ana Guerrero
c2e37c8d7f
- Update to version 13.0.3:
* fix dependency repo perms in Create/RemoveIssueDependency
* draft releases could be read before being published
* misconfigured security checks on tag delete web form
* incorrect logic in "Update PR" did not enforce head branch protection rules
correctly
* issue owner can delete another user's comment's edit history on same issue
* tag protection rules can be bypassed during tag delete operation
* fix: support git clone when /tmp has noexec
* fix: get new session from enginegroup instead of masterengine
* fix: endless redirection loop between /user/settings/change_password and
/user/settings/security
* fix(alt): handle package names with dots in ALT repository
* fix: pull request review comment position
* fix: less restrictive matrix room_id pattern
* fix: add required headers to Pagure migration
* fix: prevent orgs from being added as members of orgs
* fix(api): set all hook event types
* fix: don't show ConEmu OSC escape sequences
* fix: set tag message on tag addition
* fix: construct project links in timeline better
- remove patches fix-CVE-2025-47911.patch and fix-CVE-2025-58190.patch,
fixed upstream (forwarded request 1321396 from rrahl0)
OBS-URL: https://build.opensuse.org/request/show/1321397
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/forgejo?expand=0&rev=39
SUSE Specific Notes --------------------- By default the package does not allow writing to `/etc/forgejo/conf/app.ini`. This is not a problem during normal runtime. But during the initial setup forgejo wants to write to this file. We can temporarily allow it with: ``` chown -R forgejo: /etc/forgejo/conf/ ``` If apparmor is enabled as well, we need to temporarily allow writing there as well. You can check this with: ``` ps aufxZ | grep '^forgejo' forgejo (enforce) ... ``` If it is running in apparmor use this to allow the temporary permissions: ``` echo "/etc/forgejo/conf/app.ini rwlk," >> /etc/apparmor.d/local/forgejo apparmor_parser -r /etc/apparmor.d/forgejo ``` Once the initial installation is done you can use this to restore the permissions: ``` rpm --setugids --setperms forgejo ``` And remove the line from the `/etc/apparmor.d/local/forgejo` file again and reload the profile with ``` apparmor_parser -r /etc/apparmor.d/forgejo ```