[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new gitlab issues
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 5 05:44:50 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
38c37202 by Salvatore Bonaccorso at 2018-04-05T06:44:32+02:00
Add new gitlab issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,12 @@
+CVE-2018-XXXX [Persistent XSS in filename of merge request]
+ - gitlab <unfixed> (bug #894869)
+ NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
+CVE-2018-XXXX [Persistent XSS in milestones data-milestone-id]
+ - gitlab <unfixed> (bug #894868)
+ NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
+CVE-2018-XXXX [Confidential issue comments in Slack, Mattermost, and webhook integrations]
+ - gitlab <unfixed> (bug #894867)
+ NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
CVE-2018-9285 (Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, ...)
NOT-FOR-US: ASUS
CVE-2018-9284 (authentication.cgi on D-Link DIR-868L devices with Singapore StarHub ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38c372028bfbed9aad5772afc92d28ef2ac46e0f
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38c372028bfbed9aad5772afc92d28ef2ac46e0f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180405/1c97aaf9/attachment.html>
More information about the debian-security-tracker-commits
mailing list