Changelog has: "Prevent anonymous container access if RequireSignInView is enabled (#28877) (#28882) Update go dependencies and fix go-git (#28893) (#28934)" The security impact of the second line isn't obvious to me. Please stabilize 1.21.5.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=daa685f289d8d96c94a31fb8f6ab7be067dc76ec commit daa685f289d8d96c94a31fb8f6ab7be067dc76ec Author: Yixun Lan <dlan@gentoo.org> AuthorDate: 2024-02-20 02:51:08 +0000 Commit: Yixun Lan <dlan@gentoo.org> CommitDate: 2024-02-20 02:52:24 +0000 www-apps/gitea: drop vulnerable version 1.21.4 Bug: https://bugs.gentoo.org/925023 Signed-off-by: Yixun Lan <dlan@gentoo.org> www-apps/gitea/Manifest | 1 - www-apps/gitea/gitea-1.21.4.ebuild | 147 ------------------------------------- 2 files changed, 148 deletions(-)