Skip to content

Update crypto vendors#10385

Merged
techknowlogick merged 2 commits into
go-gitea:masterfrom
techknowlogick:update-crypto
Feb 20, 2020
Merged

Update crypto vendors#10385
techknowlogick merged 2 commits into
go-gitea:masterfrom
techknowlogick:update-crypto

Conversation

@techknowlogick
Copy link
Copy Markdown
Member

@techknowlogick techknowlogick commented Feb 20, 2020

as title

@techknowlogick techknowlogick added type/refactoring Existing code has been cleaned up. There should be no new functionality. backport/v1.11 labels Feb 20, 2020
@techknowlogick techknowlogick added this to the 1.12.0 milestone Feb 20, 2020
@GiteaBot GiteaBot added the lgtm/need 1 This PR needs approval from one additional maintainer to be merged. label Feb 20, 2020
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Feb 20, 2020
sapk
sapk approved these changes Feb 20, 2020
View reviewed changes
Copy link
Copy Markdown
Member

@sapk sapk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but why ?

@techknowlogick
Copy link
Copy Markdown
Member Author

techknowlogick commented Feb 20, 2020

ping LG-TM

@techknowlogick techknowlogick merged commit 63a6e71 into go-gitea:master Feb 20, 2020
@techknowlogick techknowlogick deleted the update-crypto branch February 20, 2020 21:03
@kolaente
Copy link
Copy Markdown
Member

kolaente commented Feb 21, 2020

Does this need backporting?

@sapk
Copy link
Copy Markdown
Member

sapk commented Feb 21, 2020

@kolaente yes

@guillep2k guillep2k mentioned this pull request Feb 21, 2020
Merged
@guillep2k guillep2k added the backport/done All backports for this PR have been created label Feb 21, 2020
@acohn
Copy link
Copy Markdown

acohn commented Feb 27, 2020

Is this a fix for CVE-2020-9283 when using the builtin SSH server?

@sapk
Copy link
Copy Markdown
Member

sapk commented Feb 27, 2020

@acohn yes this has been discussed on discord channel and I think it would be disclosed when 1.11.2 is released.

@zeripath zeripath changed the title update crypto vendors Update crypto vendors Mar 6, 2020
@zeripath zeripath added the topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! label Mar 6, 2020
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

4 more reviewers

@zeripath zeripath zeripath approved these changes

@sapk sapk sapk approved these changes

@kolaente kolaente kolaente approved these changes

@jolheiser jolheiser jolheiser approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

backport/done All backports for this PR have been created lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/refactoring Existing code has been cleaned up. There should be no new functionality.

Projects

None yet

Milestone

1.12.0

Development

Successfully merging this pull request may close these issues.

8 participants

@techknowlogick @kolaente @sapk @acohn @zeripath @jolheiser @guillep2k @GiteaBot