[Git][security-tracker-team/security-tracker][master] Add tracking bug for gitlab issues unfixed in both experimental and unstable
Salvatore Bonaccorso
carnil at debian.org
Sat Aug 3 14:50:10 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cf0a1a4f by Salvatore Bonaccorso at 2019-08-03T13:49:27Z
Add tracking bug for gitlab issues unfixed in both experimental and unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25475,15 +25475,15 @@ CVE-2019-5471 [Persistent XSS via Email]
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5470 [Information Disclosure Vulnerability Feedback]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5469 [Arbitrary File Upload via Import Project Archive]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5468 [User Revokation Bypass with Mattermost Integration]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5467 [Persistent XSS Wiki Pages]
RESERVED
@@ -25492,27 +25492,27 @@ CVE-2019-5467 [Persistent XSS Wiki Pages]
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5466 [IDOR Label Name Enumeration]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5465 [Information Disclosure New Issue ID]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5464 [SSRF Mitigation Bypass]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5463 [Build Status Disclosure]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5462 [Trigger Token Impersonation]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5461 [GitHub Integration SSRF]
RESERVED
- - gitlab <unfixed>
+ - gitlab <unfixed> (bug #933785)
NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5460 (Double Free in VLC versions <= 3.0.6 leads to a crash. ...)
TODO: check
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf0a1a4fbb309a29e6a0ce89699fb407785b40d1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf0a1a4fbb309a29e6a0ce89699fb407785b40d1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190803/9d0d145a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list