Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-06-12 05:04:04 +02:00
Code Issues Activity
gitea/modules
History
metsw24-max 7134c1f845
fix: bound debian ParseControlFile to a single control stanza (#38044) 
**Packages-index stanza injection via Debian control file**

A `.deb` whose `control` file appends extra paragraphs after a blank
line was still accepted, and `ParseControlFile` stored the whole
multi-stanza blob in `p.Control`. That blob is re-emitted verbatim into
the generated `Packages` index, so the embedded blank line splits it
into separate stanzas and an uploader can smuggle a package entry with
an attacker-chosen `Filename` into the shared index. A binary control
file only holds one stanza, so parsing now stops at the blank line that
terminates it; well-formed packages are unaffected and the new subtest
covers the trailing-stanza case.

---------

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2026-06-09 20:27:57 -07:00
..
actions
feat(actions)!: improve support for reusable workflows (#37478)
2026-05-30 08:31:14 +02:00
analyze
Fix incorrect vendored detections (#36508)
2026-02-01 10:35:51 +00:00
assetfs
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
auth
test: speed up two tests (#37905)
2026-05-31 03:33:13 +00:00
avatar
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
badge
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
base
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
cache
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
cachegroup
Cache GPG keys, emails and users when list commits (#34086)
2025-04-09 16:34:38 +00:00
charset
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
commitstatus
Update Combine method to treat warnings as failures and adjust tests (#37048)
2026-03-31 17:22:18 +00:00
consts
feat(ssh): auto generate additional ssh keys (#33974)
2026-06-08 18:18:58 +00:00
container
Refactor sidebar assignee&milestone&project selectors (#32465)
2024-11-11 04:07:54 +08:00
csv
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
dump
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
emoji
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
eventsource
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
fileicon
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
generate
feat(ssh): auto generate additional ssh keys (#33974)
2026-06-08 18:18:58 +00:00
git
feat: Add avatar stacks (#37594)
2026-06-08 17:16:22 +00:00
gitrepo
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
glob
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
globallock
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
graceful
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
gtprof
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
hcaptcha
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
highlight
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
hostmatcher
Remove dead code identified by deadcode tool (#37271)
2026-04-20 07:52:48 +00:00
htmlutil
chore: introduce HTMLBuilder (#37688)
2026-05-13 17:06:53 +00:00
httpcache
fix: remove "no-transfrom" from the cache-control header (#37985)
2026-06-04 00:12:02 +08:00
httplib
fix: remove "no-transfrom" from the cache-control header (#37985)
2026-06-04 00:12:02 +08:00
indexer
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
issue/template
enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866)
2026-05-29 01:12:11 +00:00
json
Fix corrupted JSON caused by goccy library (#37214)
2026-04-14 14:00:20 +00:00
label
enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866)
2026-05-29 01:12:11 +00:00
lfs
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
lfstransfer
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
log
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
markup
enhance: allow MathML core elements (#38034)
2026-06-08 17:58:41 +00:00
mcaptcha
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
metrics
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
migration
enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866)
2026-05-29 01:12:11 +00:00
nosql
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
optional
enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866)
2026-05-29 01:12:11 +00:00
options
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
packages
fix: bound debian ParseControlFile to a single control stanza (#38044)
2026-06-09 20:27:57 -07:00
paginator
feat(ui): add "follow rename" to file commit history list (#34994)
2026-06-03 17:40:38 +00:00
pprof
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
private
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
process
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
proxy
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
proxyprotocol
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
public
fix(frontend): resolve Vite assets by manifest source path (#37836)
2026-05-28 06:14:52 +00:00
queue
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
recaptcha
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
references
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
regexplru
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
repository
feat: Add avatar stacks (#37594)
2026-06-08 17:16:22 +00:00
reqctx
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
secret
Upgrade golangci-lint to v1.64.5 (#33654)
2025-02-21 00:05:40 +08:00
session
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
setting
feat(ssh): auto generate additional ssh keys (#33974)
2026-06-08 18:18:58 +00:00
sitemap
ssh
feat(ssh): auto generate additional ssh keys (#33974)
2026-06-08 18:18:58 +00:00
storage
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
structs
feat(api): Add assignees APIs (#37330)
2026-06-09 06:12:09 +00:00
svg
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
system
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
tailmsg
Support performance trace (#32973)
2025-01-21 18:57:07 +00:00
tempdir
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
templates
feat: Add avatar stacks (#37594)
2026-06-08 17:16:22 +00:00
test
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
testlogger
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
timeutil
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
translation
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
turnstile
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
typesniffer
Feature non-zipped actions artifacts (action v7) (#36786)
2026-03-26 00:37:48 +08:00
updatechecker
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
uri
user
Refactor older tests to use testify (#33140)
2025-01-09 09:21:47 +08:00
util
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
validation
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
web
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
webhook
actions: report commit status for pull_request_review events (#36589)
2026-02-20 16:12:22 +00:00
zstd
chore(deps): upgrade zstd seekable package (#37988)
2026-06-04 13:38:56 +00:00