SUSE Package Hub - openSUSE-2025-443

Update Info

openSUSE-2025-443

Security update for gitea-tea

Type: security
Severity: moderate
Issued: 2025-11-27
Description:
This update for gitea-tea fixes the following issues:

- update to 0.11.1:
  * 61d4e57 Fix Pr Create crash (#823)
  * 4f33146 add test for matching logins (#820)
  * 08b8398 Update README.md (#819)

- CVE-2025-58190: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially crafted input (boo#1251663)
- CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents (boo#1251471)

- update to 0.11.0:
  * Fix yaml output single quote (#814)
  * generate man page (#811)
  * feat: add validation for object-format flag in repo create
    command (#741)
  * Fix release version (#815)
  * update gitea sdk to v0.22 (#813)
  * don't fallback login directly (#806)
  * Check duplicated login name in interact mode when creating new
    login (#803)
  * Fix bug when output json with special chars (#801)
  * add debug mode and update readme (#805)
  * update go.mod to retract the wrong tag v1.3.3 (#802)
  * revert completion scripts removal (#808)
  * Remove pagination from context (#807)
  * Continue auth when failed to open browser (#794)
  * Fix bug (#793)
  * Fix tea login add with ssh public key bug (#789)
  * Add temporary authentication via environment variables (#639)
  * Fix attachment size (#787)
  * deploy image when tagging (#792)
  * Add Zip URL for release list (#788)
  * Use bubbletea instead of survey for interacting with TUI (#786)
  * capitalize a few items
  * rm out of date comparison file
  * README: Document logging in to gitea (#790)
  * remove autocomplete command (#782)
  * chore(deps): update ghcr.io/devcontainers/features/git-lfs
    docker tag to v1.2.5 (#773)
  * replace arch package url (#783)
  * fix: Reenable -p and --limit switches (#778)

- Update to 0.10.1+git.1757695903.cc20b52:
  - feat: add validation for object-format flag in repo create
    command (see gh#openSUSE/openSUSE-git#60)
  - Fix release version
  - update gitea sdk to v0.22
  - don't fallback login directly
  - Check duplicated login name in interact mode when creating
    new login
  - Fix bug when output json with special chars
  - add debug mode and update readme
  - update go.mod to retract the wrong tag v1.3.3
  - revert completion scripts removal
  - Remove pagination from context
  - Continue auth when failed to open browser
  - Fix bug
  - Fix tea login add with ssh public key bug
  - Add temporary authentication via environment variables
  - Fix attachment size
  - deploy image when tagging
  - Add Zip URL for release list
  - Use bubbletea instead of survey for interacting with TUI
  - capitalize a few items
  - rm out of date comparison file
  - README: Document logging in to gitea
  - remove autocomplete command
  - chore(deps): update ghcr.io/devcontainers/features/git-lfs
    docker tag to v1.2.5
  - replace arch package url
  - fix: Reenable `-p` and `--limit` switches
References

Packages

gitea-tea-0.11.1-bp156.14.1