[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for gitlab issues

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f8c9fb79 by Salvatore Bonaccorso at 2019-04-05T21:44:39Z
Add Debian bug reference for gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -641,7 +641,7 @@ CVE-2019-10641
 	RESERVED
 CVE-2019-10640 [DoS potential for regex in CI/CD refs]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10639
 	RESERVED
@@ -1743,11 +1743,11 @@ CVE-2019-10117 [Recurity assessment: open redirect]
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10116 [Related branches visible in issues for guests]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10115 [Guest users of private projects have access to releases]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10114 [Recurity assessment: information exposure through timing discrepancy]
 	RESERVED
@@ -1755,7 +1755,7 @@ CVE-2019-10114 [Recurity assessment: information exposure through timing discrep
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10113 [DoS potential on project languages page]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10112 [Recurity assessment: loginState HMAC issues]
 	RESERVED
@@ -1763,15 +1763,15 @@ CVE-2019-10112 [Recurity assessment: loginState HMAC issues]
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10111 [Persistent XSS at merge request resolve conflicts]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10110 [Improper authorization control "move issue"]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10109 [EXIF geolocation data not stripped from uploaded images]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
 CVE-2019-10108 [IDOR labels of private projects/groups]
 	RESERVED
@@ -67885,7 +67885,7 @@ CVE-2018-5158 (The PDF viewer does not sufficiently sanitize PostScript calculat
 	{DSA-4199-1 DLA-1376-1}
 	- firefox 60.0-1
 	- firefox-esr 52.8.0esr-1
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #926482)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5158
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158
 	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8c9fb79283d8bccb6d9d5359ab575eff2172458

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f8c9fb79283d8bccb6d9d5359ab575eff2172458
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190405/0a881e2a/attachment.html>