[Git][security-tracker-team/security-tracker][master] Track fixes for gitlab via experimental

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
547ab258 by Salvatore Bonaccorso at 2019-08-11T18:55:30Z
Track fixes for gitlab via experimental

Still gitlab cannot be uploaded to unstable, so the tracking situation
is getting worse =).

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26537,14 +26537,17 @@ CVE-2019-5471 [Persistent XSS via Email]
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5470 [Information Disclosure Vulnerability Feedback]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5469 [Arbitrary File Upload via Import Project Archive]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5468 [User Revokation Bypass with Mattermost Integration]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5467 [Persistent XSS Wiki Pages]
@@ -26554,26 +26557,32 @@ CVE-2019-5467 [Persistent XSS Wiki Pages]
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5466 [IDOR Label Name Enumeration]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5465 [Information Disclosure New Issue ID]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5464 [SSRF Mitigation Bypass]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5463 [Build Status Disclosure]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5462 [Trigger Token Impersonation]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5461 [GitHub Integration SSRF]
        RESERVED
+       [experimental] - gitlab 11.11.7+dfsg-1
        - gitlab <unfixed> (bug #933785)
        NOTE: 
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
 CVE-2019-5460 (Double Free in VLC versions &lt;= 3.0.6 leads to a crash. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/547ab258f6880567cd8c66099f6b3261fca53507

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/547ab258f6880567cd8c66099f6b3261fca53507
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits