forgejo/release-notes-published/7.0.9.md

10 lines
1.3 KiB
Markdown
Raw Permalink Normal View History

<!--start release-notes-assistant-->
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Security
- [PR](https://codeberg.org/forgejo/forgejo/pulls/5244) ([backported](https://codeberg.org/forgejo/forgejo/pulls/5246)): <!--number 5246 --><!--line 0 --><!--description cmVwbGFjZSB2LWh0bWwgd2l0aCB2LXRleHQgaW4gYnJhbmNoIHNlYXJjaCBpbnB1dGJveCBmb3IgWFNTIHByb3RlY3Rpb24=-->replace v-html with v-text in branch search inputbox for XSS protection<!--description-->
- [PR](https://codeberg.org/forgejo/forgejo/pulls/5201): <!--number 5201 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgd2VicGFjayB0byB2NS45NC4wIFtTRUNVUklUWV0gKHY3LjAvZm9yZ2Vqbyk=-->Upgrade [webpack to v5.94.0](https://github.com/webpack/webpack/releases/tag/v5.94.0) as a precaution to mitigate [CVE-2024-43788](https://github.com/advisories/GHSA-4vvj-4cpr-p986), although we were not yet able to confirm that this can be exploited in Forgejo.<!--description-->
- Localization
- [PR](https://codeberg.org/forgejo/forgejo/pulls/5070) ([backported](https://codeberg.org/forgejo/forgejo/pulls/5181)): <!--number 5181 --><!--line 0 --><!--description aTE4bjogdXBkYXRlIG9mIHRyYW5zbGF0aW9ucyBmcm9tIENvZGViZXJnIFRyYW5zbGF0ZQ==-->i18n: update of translations from Codeberg Translate<!--description-->
<!--end release-notes-assistant-->