[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new gitlab issues

Salvatore Bonaccorso carnil at debian.org
Thu Apr 5 05:44:50 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
38c37202 by Salvatore Bonaccorso at 2018-04-05T06:44:32+02:00
Add new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,12 @@
+CVE-2018-XXXX [Persistent XSS in filename of merge request]
+	- gitlab <unfixed> (bug #894869)
+	NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
+CVE-2018-XXXX [Persistent XSS in milestones data-milestone-id]
+	- gitlab <unfixed> (bug #894868)
+	NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
+CVE-2018-XXXX [Confidential issue comments in Slack, Mattermost, and webhook integrations]
+	- gitlab <unfixed> (bug #894867)
+	NOTE: https://about.gitlab.com/2018/04/04/security-release-gitlab-10-dot-6-dot-3-released/
 CVE-2018-9285 (Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, ...)
 	NOT-FOR-US: ASUS
 CVE-2018-9284 (authentication.cgi on D-Link DIR-868L devices with Singapore StarHub ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38c372028bfbed9aad5772afc92d28ef2ac46e0f

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38c372028bfbed9aad5772afc92d28ef2ac46e0f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180405/1c97aaf9/attachment.html>


More information about the debian-security-tracker-commits mailing list