Skip to main content

Gitea 1.22.6 is released

· 2 min read
lunny
lunny
Gitea maintainer
1.22.6Release

We are excited to announce the release of Gitea version 1.22.6.

This is an urgent update because the security bug fixes in version 1.22.5 released yesterday, which only addressed the Golang crypto library upgrade, are not sufficient. We strongly recommend all users upgrade to the latest version as soon as possible to ensure full protection.

To deliver this release, we have successfully merged 4 pull requests.

As mentioned, the security fixes in 1.22.5 is not enough. More context: Patching PublicKeyCallback for CVE-2024-45337 https://github.com/gliderlabs/ssh/issues/242 .

A special thanks to @wxiaoguang for their prompt efforts in addressing these issues and ensuring the security of Gitea users.

How to Update

Download our pre-built binaries from the Gitea downloads page — make sure to select the version compatible with your platform. For a step-by-step guide on installation or upgrades, check out our installation documentation

Special Thanks

We would also like to thank all of our supporters on Open Collective who are helping to sustain us financially.

Looking for a seamless, hassle-free solution to manage your Git repositories? Discover Gitea Cloud — A fully-managed, scalable platform designed to streamline your development workflow.

Changelog

1.22.6 - 2024-12-12

  • SECURITY
    • Fix misuse of PublicKeyCallback(#32810)
  • BUGFIXES
  • TESTING
    • Avoid MacOS keychain dialog in integration tests (#32813) (#32816)

Contributors

An icon showing wave propagation

Join our community

Gitea is open source. Star our GitHub repo, and join our community on Discord!

Go to GitHub  >Join Discord  >
An icon showing a paper plane

Subscribe to our newsletter

Stay up to date with all things Gitea