Source: gitlab Version: 10.6.2+dfsg-1 Severity: grave Tags: security upstream Justification: user security hole Control: clone -1 -2 -3 Control: retitle -1 gitlab: Confidential issue comments in Slack, Mattermost, and webhook integrations Control: retitle -2 gitlab: Persistent XSS in milestones data-milestone-id Control: retitle -3 gitlab: Persistent XSS in filename of merge request Control: found -1 8.13.11+dfsg1-8 Control: found -3 8.13.11+dfsg1-8
Hi New gitlab release fixing three issues. Will fill three bugs for it since no CVEs are assigned (yet) to clearly identify the issues (cloning this bug report to three bugs). See: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/ Regards, Salvatore
