[Git][security-tracker-team/security-tracker][master] Track gitlab/11.10.8 upload to experimental for easier merge fixing version...

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
391e82c8 by Salvatore Bonaccorso at 2019-07-07T08:41:56Z
Track gitlab/11.10.8 upload to experimental for easier merge fixing version once uploaded to unstable again

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -609,6 +609,7 @@ CVE-2019-13122
 	RESERVED
 CVE-2019-13121 [SSRF Vulnerability in Project GitHub Integration]
 	RESERVED
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13120
@@ -889,14 +890,17 @@ CVE-2019-13013
 	RESERVED
 CVE-2019-13011 [Merge Request Template Name Disclosure]
 	RESERVED
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13010 [Decoding Color Codes Caused Reseource Depletion]
 	RESERVED
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13009 [Broken Access Control for the Content of Personal Snippets]
 	RESERVED
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13008
@@ -907,11 +911,12 @@ CVE-2019-13007 [Enabling One of the Service Templates Could Cause Resource Deple
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13006 [Number of Merge Requests was Accessible]
 	RESERVED
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13005 [Authorization Issues in GraphQL]
 	RESERVED
-	[experimental] - gitlab <unfixed>
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <not-affected> (Only affects 11.10 and later)
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13004 [Error Caused by Encoded Characters in Comments]
@@ -920,16 +925,17 @@ CVE-2019-13004 [Error Caused by Encoded Characters in Comments]
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13003 [Resource Exhaustion Attack]
 	RESERVED
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13002 [Recent Pipeline Information Disclosed to Unauthorised Users]
 	RESERVED
-	[experimental] - gitlab <unfixed>
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <not-affected> (Only affects 11.10 and later)
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13001 [Ability to Write a Note to a Private Snippet]
 	RESERVED
-	[experimental] - gitlab <unfixed>
+	[experimental] - gitlab 11.10.8+dfsg-1
 	- gitlab <not-affected> (Only affects 11.9 and later)
 	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
 CVE-2019-13000



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/391e82c8218f689b1e5eb194dc8298bca040a3df

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/391e82c8218f689b1e5eb194dc8298bca040a3df
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190707/bcb67f8c/attachment-0001.html>