[Git][security-tracker-team/security-tracker][master] Add tracking of gitlab fixes via experimental for later merge

Salvatore Bonaccorso carnil at debian.org
Fri Nov 29 09:06:24 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b9152676 by Salvatore Bonaccorso at 2019-11-29T09:05:49Z
Add tracking of gitlab fixes via experimental for later merge

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -464,6 +464,7 @@ CVE-2019-19261 [DNS Rebind SSRF in various chat notifications]
 	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
 CVE-2019-19260 [Former project members able to access repository information]
 	RESERVED
+	[experimental] - gitlab 12.2.9-5
 	- gitlab <unfixed>
 	- gitlab-workhorse 8.8.1+debian-3
 	[experimental] - gitaly 1.65.2+dfsg-1
@@ -479,6 +480,7 @@ CVE-2019-19258 [Branches and Commits exposed to Guest members via integration]
 	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
 CVE-2019-19257 [Exposure of related branch names]
 	RESERVED
+	[experimental] - gitlab 12.2.9-5
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
 CVE-2019-19256 [Disclosure of vulnerability status in dependency list]
@@ -491,6 +493,7 @@ CVE-2019-19255 [Todos created for former project members]
 	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
 CVE-2019-19254 [Disclosure of commit count in Cycle Analytics]
 	RESERVED
+	[experimental] - gitlab 12.2.9-5
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
 CVE-2019-19253



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b915267675b5c450b25ff230be33cde7bab04460

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b915267675b5c450b25ff230be33cde7bab04460
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191129/af758ee1/attachment.html>

More information about the debian-security-tracker-commits mailing list