[Git][security-tracker-team/security-tracker][master] Add CVE-2019-7549/gitlab

Salvatore Bonaccorso carnil at debian.org
Thu May 30 09:10:13 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0504b02e by Salvatore Bonaccorso at 2019-05-30T08:09:36Z
Add CVE-2019-7549/gitlab

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12798,7 +12798,8 @@ CVE-2019-7551 (Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x befor
 CVE-2019-7550 (In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whe ...)
 	NOT-FOR-US: JForum
 CVE-2019-7549 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
-	TODO: check
+	- gitlab 11.5.10+dfsg-1 (bug #921059)
+	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
 CVE-2019-7548 (SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be ...)
 	{DLA-1718-1}
 	[experimental] - sqlalchemy 1.3.0~b3+ds1-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0504b02e6def999c2c35617b2c0314543d802b97

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0504b02e6def999c2c35617b2c0314543d802b97
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190530/29f71dd7/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list