Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3cc295e6 by Moritz Muehlenhoff at 2018-05-30T10:06:37+02:00 new gitlab issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,30 @@ +CVE-2018-XXXX [gitlab: Removing public deploy keys regression] + - gitlab <unfixed> + [stretch] - gitlab <not-affected> (Introduced in 10.1.6) + NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ +CVE-2018-XXXX [gitlab: Users can update their password without entering current password] + - gitlab <unfixed> + NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ +CVE-2018-XXXX [gitlab: Persistent XSS - Selecting users as allowed merge request approvers] + - gitlab <unfixed> + [stretch] - gitlab <not-affected> (Introduced in 9.1) + NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ +CVE-2018-XXXX [gitlab: Persistent XSS - Multiple locations of user selection drop downs] + - gitlab <unfixed> + [stretch] - gitlab <not-affected> (Introduced in 9.1) + NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ +CVE-2018-XXXX [gitlab: include directive in .gitlab-ci.yml allows SSRF requests] + - gitlab <unfixed> + [stretch] - gitlab <not-affected> (Introduced in 10.5) + NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ +CVE-2018-XXXX [gitlab: Permissions issue in Merge Requests Create Service] + - gitlab <unfixed> + [stretch] - gitlab <not-affected> (Introduced in 10.6) + NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ +CVE-2018-XXXX [gitlab: Arbitrary assignment of project fields using Import project] + - gitlab <unfixed> + [stretch] - gitlab <not-affected> (Introduced in 10.4) + NOTE: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ CVE-2018-11540 RESERVED CVE-2018-11539 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cc295e6ca4068b15163fac80ff57406c773c386 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3cc295e6ca4068b15163fac80ff57406c773c386 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
