Diffusion FreeBSD ports repository fa79df5d45ca

www/kanboard: update to 1.2.30
fa79df5d45ca
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

www/kanboard: update to 1.2.30

ChangeLog: https://github.com/kanboard/kanboard/releases/tag/v1.2.30

CVE-2023-33956: Parameter based Indirect Object Referencing leading to private file exposure
CVE-2023-33968: Missing access control allows user to move and duplicate tasks to any project in the software
CVE-2023-33969: Stored XSS in the Task External Link Functionality
CVE-2023-33970: Missing access control in internal task links feature
Avoid PHP warning caused by session_regenerate_id()
Avoid CSS issue when upgrading to v1.2.29 without flushing user sessions

Reported by: portscout
MFH: 2023Q2 (security release)
Security: CVE-2023-33956 CVE-2023-33968 CVE-2023-33969 CVE-2023-33970

(cherry picked from commit ad5f302a4937b0056b9f6744c11be67482da1fe5)

Details

Provenance

Authored on Jun 5 2023, 6:31 AM

Parents

R11:c852714ad502: emulators/virtualbox-ose-legacy: build fails on FreeBSD 12.4, 13.1 and 13.2…

Branches

Unknown

Tags

Unknown

Event Timeline

fernape committed R11:fa79df5d45ca: www/kanboard: update to 1.2.30 (authored by fernape).Jun 6 2023, 12:03 PM

Changes (2)

Path

Size

www/

kanboard/

R11:fa79df5d45ca

www/kanboard/Makefile

Loading...

www/kanboard/distinfo

Loading...