Please update to version 0.1.1. There is known vulnerabilities (e.g: SQL injection) for the version currently on the tree. See https://nvd.nist.gov/vuln/detail/CVE-2022-3751 and https://nvd.nist.gov/vuln/detail/CVE-2023-3188 Reproducible: Always
@Maintainer: please update your maintainer e-mail in metadata.xml to one recognized by bugzilla.
If I haven't gotten around to bumping the major changes for 0.1.0 yet, it will realistically never happen, especially since I no longer run it myself. I have removed myself as maintainer. If someone else wants to step up, go ahead, otherwise I can remove the package entirely for having open security bugs. @ceamac: please update https://wiki.gentoo.org/wiki/Project:GURU/Information_for_Contributors to say that the e-mail address used for GURU must be the same as for Bugzilla.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=22ea2a0db80811ac992d7c410bf796ab297ac2db commit 22ea2a0db80811ac992d7c410bf796ab297ac2db Author: David Roman <davidroman96@gmail.com> AuthorDate: 2023-10-19 10:38:01 +0000 Commit: David Roman <davidroman96@gmail.com> CommitDate: 2023-10-19 10:38:01 +0000 profiles: mask media-video/owncast Bug: https://bugs.gentoo.org/915891 Signed-off-by: David Roman <davidroman96@gmail.com> profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=04d0498c76f47ac706ae7d33b85b7b289ad0a1a7 commit 04d0498c76f47ac706ae7d33b85b7b289ad0a1a7 Author: Julien Roy <julien@jroy.ca> AuthorDate: 2024-04-02 22:52:59 +0000 Commit: Julien Roy <julien@jroy.ca> CommitDate: 2024-04-02 22:52:59 +0000 media-video/owncast: treeclean Closes: https://bugs.gentoo.org/915891 Closes: https://bugs.gentoo.org/860180 Signed-off-by: Julien Roy <julien@jroy.ca> media-video/owncast/Manifest | 6 -- ...0.0.12-1758-remove-websocket-origin-check.patch | 22 ------- media-video/owncast/files/owncast.initd | 33 ----------- media-video/owncast/metadata.xml | 8 --- media-video/owncast/owncast-0.0.12.ebuild | 67 ---------------------- media-video/owncast/owncast-0.0.13.ebuild | 67 ---------------------- 6 files changed, 203 deletions(-)