this is now the second time someone had to randomly mention in passing that I should upgrade my gitea, because there's a critical security issue you're just supposed to know about