[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for gitlab issues

Salvatore Bonaccorso carnil at debian.org
Tue Jun 4 21:23:41 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
532e2c35 by Salvatore Bonaccorso at 2019-06-04T20:23:04Z
Add Debian bug reference for gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -599,27 +599,27 @@ CVE-2019-12447 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. dae
 	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/3895e09d784ebec0fbc4614d5c37068736120e1d
 CVE-2019-12446 [Repository Password Disclosed on Import Error Page]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12445 [Stored Cross-Site Scripting on Notes]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12444 [Stored Cross-Site Scripting on Wiki Pages]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12443 [Server-Side Request Forgery Through DNS Rebinding]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12442 [Stored Cross-Site Scripting Vulnerability on Child Epics]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12441 [Protected Branches Restriction Rules Bypass]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12440 (The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauth ...)
 	TODO: check
@@ -633,19 +633,19 @@ CVE-2019-12435
 	RESERVED
 CVE-2019-12434 [Private Project Discovery via Comment Links]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12433 [Internal Projects Allowed to Be Created on in Private Groups]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12432 [Confidential Issue Titles Revealed to Restricted Users on Unsubscribe]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12431 [Disclosure of Milestone Metadata through the Search API]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12430 [Remote Command Execution Vulnerability on Repository Download Feature]
 	RESERVED
@@ -657,7 +657,7 @@ CVE-2019-12429 [Metadata of Confidential Issues Disclosed to Restricted Users]
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12428 [Mandatory External Authentication Provider Sign-In Restrictions Bypass]
 	RESERVED
-	- gitlab <unfixed>
+	- gitlab <unfixed> (bug #930004)
 	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
 CVE-2019-12427
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/532e2c358427041797fc3b42b3bb7a41d8b0f47a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/532e2c358427041797fc3b42b3bb7a41d8b0f47a
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190604/4a28d332/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list